UliCMS Cross-Site Scripting Vulnerability

UliCMS is an open source content management system. UliCMS suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

CVE-2020-8876

This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

pki-core cross-site scripting vulnerability (CNVD-2020-27181)

pki-core is a library that provides an API for PKI operations. A cross-site scripting vulnerability exists in pki-core. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

pki-core cross-site scripting vulnerability (CNVD-2020-27180)

pki-core is a library that provides an API for PKI operations. A cross-site scripting vulnerability exists in pki-core. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

Nagios XI Cross-Site Scripting Vulnerability (CNVD-2020-19531)

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A cross-site scripting vulnerability exists in Nagios XI version 5.6.11. The vulnerability stems from the...

CVE-2020-8878

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.916. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2020-8880

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.916. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-22261)

Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...

Open edX Cross-Site Scripting Vulnerability

Open edX is an online learning management system. A cross-site scripting vulnerability exists in Open edX Ironwood.1, which stems from the lack of proper validation of client data in the WEB application and can be exploited by an attacker to execute client-side code...

Subversion ALM for the enterprise cross-site scripting vulnerability

Subversion ALM for the enterprise is a lightweight answer submission management system. A cross-site scripting vulnerability exists in Subversion ALM for the enterprise prior to 8.8.2, which stems from a lack of proper validation of client-side data in the web application and can be exploited by ...

CloudBees Jenkins Subversion Release Manager Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . Subversion Release Manager Plugin is used ...

NETSAS Enigma NMS Cross-Site Scripting Vulnerability (CNVD-2020-18995)

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A cross-site scripting vulnerability exists in NETSAS Enigma NMS version 65.0.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

CloudBees Jenkins Audit Trail plugin cross-site scripting vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Audit Trail Plugin is used in one of the audi...

Adobe Photoshop U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

Adobe Photoshop PCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

CloudBees Jenkins Timestamper plugin cross-site scripting vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . Timestamper Plugin is used in one of the...

Contao Cross-Site Scripting Vulnerability

Contao is an open source content management system CMS developed using PHP. The system supports search engine , rights management and CSS framework . A cross-site scripting vulnerability exists in Contao versions prior to 4.5.7, which stems from a lack of proper validation of client-side data by...

pki-core cross-site scripting vulnerability

pki-core is a library that provides an API for PKI operations. A cross-site scripting vulnerability exists in the Token Processing Service TPS of pki-core. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker could exploit the...

Adobe Photoshop GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

Adobe Photoshop DCM Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...