37 matches found
CVE-2022-24590
A stored cross-site scripting XSS vulnerability in the Add Link function of BackdropCMS v1.21.1 allows attackers to execute arbitrary web scripts or HTML...
CVE-2021-38138
OneNav beta 0.9.12 allows XSS via the Add Link feature. NOTE: the vendor's position is that there intentionally is not any XSS protection at present, because the attack risk is largely limited to a compromised account; however, XSS protection is planned for a future release...
CVE-2021-38138
OneNav beta 0.9.12 allows XSS via the Add Link feature. NOTE: the vendor's position is that there intentionally is not any XSS protection at present, because the attack risk is largely limited to a compromised account; however, XSS protection is planned for a future release...
Design/Logic Flaw
OneNav beta 0.9.12 allows XSS via the Add Link feature. NOTE: the vendor's position is that there intentionally is not any XSS protection at present, because the attack risk is largely limited to a compromised account; however, XSS protection is planned for a future release...
CVE-2021-38138
OneNav beta 0.9.12 allows XSS via the Add Link feature. NOTE: the vendor's position is that there intentionally is not any XSS protection at present, because the attack risk is largely limited to a compromised account; however, XSS protection is planned for a future release...
CVE-2021-38138
OneNav beta 0.9.12 allows XSS via the Add Link feature. NOTE: the vendor's position is that there intentionally is not any XSS protection at present, because the attack risk is largely limited to a compromised account; however, XSS protection is planned for a future release...
CVE-2021-38138
CVE-2021-38138 affects OneNav beta 0.9.12. The issue is a stored cross‑site scripting (XSS) vulnerability in the Add Link feature, with root cause described as the vendor intentionally lacking XSS protection for now; protection is planned for a future release. Publicly referenced exploit activity...
OneNav 跨站脚本漏洞
OneNav is a minimalist navigation/bookmark management system developed using PHP. OneNav beta 0.9.12 suffers from a cross-site scripting vulnerability, which allows attackers to conduct XSS attacks via the Add Link feature...
PT-2021-21960 · Onenav · Onenav
Name of the Vulnerable Software and Affected Versions: OneNav beta version 0.9.12 Description: The issue allows for XSS via the Add Link feature. The vendor has stated that there is intentionally no XSS protection at present, as the attack risk is largely limited to a compromised account. However...
Design/Logic Flaw
The "Add Link to Facebook" plugin through 2.3 for WordPress has XSS via the al2fbfacebookid parameter to wp-admin/profile.php...
Add Link To Facebook <= 1.215 - Cross Site Scripting (XSS)
The add-link-to-facebook WordPress plugin was affected by a Cross Site Scripting XSS security vulnerability...
bj-xss.txt
BJ Webring XSS By : sn0oPy Risk : high exploit : just inject any script on the add link menu : http://www.target.ma/webring/formulaire.php Dork : intitle:".: index webring :." contact : [email protected] greetz : subzero, http://forums.avenir-geopolitique.net. reference :...
Cross site scripting
Cross-site scripting XSS vulnerability in formulaire.php in Bernard JOLY BJ Webring allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter related to the add link menu...
CVE-2007-1328
Cross-site scripting XSS vulnerability in formulaire.php in Bernard JOLY BJ Webring allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter related to the add link menu...
CVE-2007-1328
Cross-site scripting XSS vulnerability in formulaire.php in Bernard JOLY BJ Webring allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter related to the add link menu...
CVE-2007-1328
The CVE-2007-1328 entry describes a cross-site scripting (XSS) vulnerability in formulaire.php of Bernard JOLY BJ Webring. Affects the add link menu functionality; an unspecified parameter allows remote attackers to inject arbitrary web script or HTML. The issue enables client-side script executi...
CVE-2007-1129
Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and execute files via 1 an avatar upload in an adddown action, or 2 an addlink action...