7610 matches found
CVE-2024-30950
A stored cross-site scripting XSS vulnerability in FUDforum v3.1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SQL statements field under /adm/admsql.php...
CVE-2024-30950
A stored cross-site scripting XSS vulnerability in FUDforum v3.1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SQL statements field under /adm/admsql.php...
WonderCMS 安全漏洞
WonderCMS is an open source PHP-based content management system CMS. A security vulnerability exists in WonderCMS version v3.4.3, which originates from a cross-site scripting XSS vulnerability in the Settings section. An attacker can exploit this vulnerability to execute arbitrary web script or...
WonderCMS 安全漏洞
WonderCMS is an open source PHP-based content management system CMS. A security vulnerability exists in WonderCMS version v3.4.3, which originates from a cross-site scripting XSS vulnerability in the Settings section. An attacker can exploit this vulnerability to execute arbitrary web script or...
WonderCMS 安全漏洞
WonderCMS is an open source PHP-based content management system CMS. A cross-site scripting vulnerability exists in WonderCMS v3.4.3, which stems from the lack of effective filtering and escaping of user-supplied data in the PAGE DESCRIPTION parameter of the Settings section, and can be exploited...
CVE-2024-32338
WonderCMS v3.4.3 is affected by a cross-site scripting (XSS) vulnerability in the Settings section, exploitable via a crafted payload in the PAGE TITLE parameter under the Current Page module. Impact: can disclose/modify data (low confidentiality and integrity impact) with no availability impact ...
CVE-2024-30950
A stored cross-site scripting XSS vulnerability in FUDforum v3.1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SQL statements field under /adm/admsql.php...
CVE-2024-32344
CMSimple v5.15 is affected by an XSS in the Settings menu, via crafted input in the Language section Edit parameter. The vulnerability arises from insufficient filtering/escaping of user-supplied data in that parameter, enabling arbitrary script/HTML execution. In-the-wild details are not provide...
CVE-2024-31649
CVE-2024-31649 is a cross-site scripting (XSS) vulnerability in Cosmetics and Beauty Product Online Store v1.0. The flaw allows an attacker to execute arbitrary web scripts or HTML by injecting a crafted payload into the Product Name parameter. Public sources consistently describe the affected so...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2024-17896)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2024-17895)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2024-17891)
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
CVE-2024-26019
Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in submit processing. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product...
CVE-2024-29220
Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in custom fields for labels. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product...
CVE-2024-26019
CVE-2024-26019 affects Ninja Forms (WordPress) prior to 3.8.1, enabling a cross‑site scripting (XSS) vulnerability in submit processing. Exploitation could cause arbitrary JavaScript execution in the web browser of a user visiting the affected site. The root cause is insufficient input sanitizati...
CVE-2024-26019
Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in submit processing. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product...
CVE-2024-29220
CVE-2024-29220 affects Ninja Forms (WordPress) prior to 3.8.1. The issue is a cross-site scripting (XSS) vulnerability in the labels of custom fields, allowing an attacker to cause arbitrary script execution in a user’s browser when visiting a site using the product. Public references confirm the...
Mageia: Security Advisory (MGASA-2024-0116)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Adobe Experience Manager 跨站脚本漏洞
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...