The vulnerability of the Microsoft.NET Framework software, related to insufficient validation of input data, allows a perpetrator to cause service failures.

The vulnerability of the Microsoft.NET Framework is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

Badminton Center Management System跨站脚本漏洞

Badminton Center Management System is a badminton center management system from Carlo Montero's personal developer. Badminton Center Management System is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and output for the...

Zoo Management System Cross-Site Scripting Vulnerability (CNVD-2022-77494)

A cross-site scripting vulnerability exists in Zoo Management System version 1.0, a zoo management system. The vulnerability stems from a lack of data validation filtering of user-supplied data and output by adminname. An attacker could exploit this vulnerability to execute JavaScript code on the...

NetDataSoft DivvyDrive Cross-Site Scripting Vulnerability

NetDataSoft DivvyDrive is an enterprise file management and sharing system from the Turkish company NetDataSoft. Used to encrypt and store all data and allow secure access to your data from anywhere. cross-site scripting vulnerability exists in versions prior to NetDataSoft DivvyDrive v.4.6.2.0,...

Grin insufficient data validation

Grin 3.0.0 before 4.0.0 has insufficient validation of data related to Mimblewimble...

Popcorn Time Cross-Site Scripting Vulnerability

Popcorn Time is a multi-platform BitTorrent client. version 0.4.7 of Popcorn Time is vulnerable to a cross-site scripting vulnerability that originates in the setting page Movies API Servers field's lack of data validation filtering for user-supplied data and output. An attacker could exploit the...

WordPress Image Hover Effects Ultimate plugin跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Image Hover Effects Ultimate plugin 9.7.1 and earlier versions are vulnerable to a cross-site...

WordPress Checkout Files Upload for WooCommerce plugin跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed using the PHP language. WordPress Checkout Files Upload for WooCommerce plugin 2.1.2 and previous versions contain a cross-site scripting vulnerability that stems from a lack of data...

OrangeHRM Cross-Site Scripting Vulnerability (CNVD-2022-68518)

OrangeHRM is a human resource management system HRM from OrangeHRM USA. The system supports personnel information management, leave management, time and attendance management and recruitment management, etc. A cross-site scripting vulnerability exists in OrangeHRM v4.10.1, which stems from a lack...

Badminton Center Management System 跨站脚本漏洞

Badminton Center Management System is a badminton center management system from Carlo Montero's personal developer. Badminton Center Management System is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and output for the...

JGraph draw.io Cross-Site Scripting Vulnerability

JGraph draw.io is a configurable charting/whiteboard visualization application for JGraph. versions prior to JGraph draw.io 18.0.4 contain a cross-site scripting vulnerability that stems from the program's lack of data validation filtering of user-supplied data and output. An attacker could explo...

CVE-2021-21187

Insufficient data validation in URL formatting in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

FiberHome VDSL2 Modem HG150-Ub Cross Site Scripting Vulnerability

FiberHome VDSL2 Modem HG150-Ub is a router device from FiberHome.A cross-site scripting vulnerability exists in FiberHome VDSL2 Modem HG150-Ub V3.0, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability to conduct...

ToolJet Code Injection Vulnerability

A code injection vulnerability exists in ToolJet v0.6.0 through v1.10.2, which stems from a lack of data validation filtering of user-supplied data and output in the first and last name fields of the invitation email. An attacker could exploit this vulnerability to inject malicious code when...

Popcorn Time 跨站脚本漏洞

Popcorn Time is a multi-platform BitTorrent client. version 0.4.7 of Popcorn Time is vulnerable to a cross-site scripting vulnerability that originates in the setting page Movies API Servers field's lack of data validation filtering for user-supplied data and output. An attacker could exploit the...

Cisco UCS Director Cross-Site Scripting Vulnerability (CNVD-2022-68519)

Cisco UCS Director is a private cloud infrastructure-as-a-service IaaS heterogeneous platform from Cisco Cisco U.S. A cross-site scripting vulnerability exists in versions prior to Cisco UCS Director 6.6, which stems from a lack of data validation filtering of user-supplied data and output. An...

JGraph draw.io 跨站脚本漏洞

JGraph draw.io is a configurable charting/whiteboard visualization application for JGraph. versions prior to JGraph draw.io 18.0.4 contain a cross-site scripting vulnerability that stems from the program's lack of data validation filtering of user-supplied data and output. An attacker could explo...

GNUBOARD5 Cross-Site Scripting Vulnerability (CNVD-2022-70083)

GNUBOARD5 is a PHP and MySQL-based Web forum system. GNUBOARD5 versions 5.55 and 5.56 are vulnerable to a cross-site scripting vulnerability, which originates in bbs/memberconfirm.php and lacks a data validation filter for user-supplied data and output. An attacker could exploit this vulnerabilit...

The vulnerability of the LDAP service protocol implementation in Microsoft Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the LDAP service protocol implementation in Microsoft Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by transmitting specially crafted data...

The vulnerability of the Fax Service in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Fax Service in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...