70 matches found
CVE-2024-41665
Ampache, a web based audio/video streaming application and file manager, has a stored cross-site scripting XSS vulnerability in versions prior to 6.6.0. This vulnerability exists in the "Playlists - Democratic - Configure Democratic Playlist" feature. An attacker with Content Manager permissions...
EUVD-2014-9722
Malware in sbrugna...
EUVD-2018-13438
Malware in sbrugna...
EUVD-2021-0140
Malware in sbrugna...
EUVD-2020-22821
Malware in sbrugna...
EUVD-2022-31602
Malicious code in bioql PyPI...
EUVD-2022-38942
Malicious code in bioql PyPI...
EUVD-2022-30246
Malicious code in bioql PyPI...
EUVD-2024-18434
Malicious code in bioql PyPI...
EUVD-2024-0831
Malicious code in bioql PyPI...
EUVD-2021-9366
Malicious code in bioql PyPI...
EUVD-2025-20705
Malicious code in bioql PyPI...
EUVD-2025-4464
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-16218
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress before 5.2.3 allows XSS in stored comments. CVE-2019-16218 Note that Nessus relies on the presence of the package as reported by the vendor...
CVE-2025-53929 WeGIA vulnerable to Stored Cross-Site Scripting (XSS) via endpoint `adicionar_cor.php` parameter `cor`
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting XSS vulnerability was identified in the adicionarcor.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject...
CVE-2025-53991 WordPress JetTricks plugin <= 1.5.4.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetTricks jet-tricks allows Stored XSS.This issue affects JetTricks: from n/a through = 1.5.4.1...
CVE-2025-28957 WordPress OwnerRez API plugin <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in OwnerRez OwnerRez API ownerrez allows Stored XSS.This issue affects OwnerRez API: from n/a through = 1.2.1...
CVE-2020-35946
An issue was discovered in the All in One SEO Pack plugin before 3.6.2 for WordPress. The SEO Description and Title fields are vulnerable to unsanitized input from a Contributor, leading to stored XSS...
CVE-2020-2256
Jenkins Pipeline Maven Integration Plugin 3.9.2 and earlier does not escape the upstream job's display name shown as part of a build cause, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission...
CVE-2019-20891
WooCommerce before 3.6.5, when it handles CSV imports of products, has a cross-site request forgery CSRF issue with resultant stored cross-site scripting XSS via includes/admin/importers/class-wc-product-csv-importer-controller.php...