7610 matches found
microweber 安全漏洞
Microweber is Microweber open source can provide drag and drop functionality of the online store management system . The system includes adding products , images and other modules. microweber 2.0.16 version of a cross-site scripting vulnerability , the vulnerability stems from...
Microweber 安全漏洞
Microweber is Microweber open source can provide drag and drop functionality of the online store management system . The system includes adding products , images and other modules. microweber version 2.0.16 cross-site scripting vulnerability , the vulnerability stems from...
CVE-2024-41819 Note Mark has a stored XSS in the note link href attribute
Note Mark is a web-based Markdown notes app. A stored cross-site scripting XSS vulnerability in Note Mark allows attackers to execute arbitrary web scripts via a crafted payload injected into the URL value of a link in the markdown content. This vulnerability is fixed in 0.13.1...
Arbitrary Script Execution
anki is vulnerable to Arbitrary Script Execution. The vulnerability is due to inadequate validation and handling of flashcard content in the MPV functionality, allowing an attacker to send a malicious flashcard that can trigger arbitrary code execution...
GitLab Enterprise Edition和GitLab Community Edition 安全漏洞
GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition and GitLab Community Edition have a security vulnerability. ...
CVE-2024-22444
A vulnerability within the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a...
Ankitects Anki arbitrary script execution vulnerability
An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...
GHSA-9GQ7-P5W9-W899 Ankitects Anki arbitrary script execution vulnerability
An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...
CVE-2024-26020
An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...
CVE-2024-26020
An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerability...
CVE-2024-39457
Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser...
CVE-2024-39457
Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser...
CVE-2024-39457
Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser...
CVE-2024-39457
Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser...
PT-2025-31574 · Intelbras · Intelbras Rx3000 +1
Name of the Vulnerable Software and Affected Versions: Intelbras RX1500 version 2.2.9 Intelbras RX3000 version 1.0.11 Description: A cross-site scripting XSS issue exists in Intelbras RX1500 version 2.2.9 and RX3000 version 1.0.11. This allows attackers to execute arbitrary web scripts or HTML by...
Broadcom Symantec Privileged Access Management 安全漏洞
Broadcom Symantec Privileged Access Management Broadcom Symantec PAM is a security software from Broadcom, Inc. It helps prevent security breaches by protecting sensitive administrative credentials, controlling privileged user access, proactively enforcing security policies, and monitoring and...
CVE-2024-36453
Cross-site scripting vulnerability exists in sessionlogin.cgi of Webmin versions prior to 1.970 and Usermin versions prior to 1.820. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product. As a result, a...
CVE-2024-36450
Cross-site scripting vulnerability exists in sysinfo.cgi of Webmin versions prior to 1.910. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product. As a result, a session ID may be obtained, a webpage may b...
CVE-2024-36450
Cross-site scripting vulnerability exists in sysinfo.cgi of Webmin versions prior to 1.910. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product. As a result, a session ID may be obtained, a webpage may b...
CVE-2024-36453
Cross-site scripting vulnerability exists in sessionlogin.cgi of Webmin versions prior to 1.970 and Usermin versions prior to 1.820. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product. As a result, a...