7595 matches found
WordPress Essential Widgets plugin cross-site scripting vulnerability
WordPress Essential Widgets plugin is a tool used to enhance the functionality of your website, mainly providing the ability to create and add highly customizable widgets Widgets to help users manage the layout of their website content more flexibly. A cross-site scripting vulnerability exists in...
PT-2025-50873
Reflected cross-site scripting vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. If a user accesses a crafted page or URL, an arbitrary script may be executed on the web browser of the user...
MailEnable FieldBcc Parameter Cross-Site Scripting Vulnerability
MailEnable is a commercial email server software designed for Windows operating systems that provides end-to-end email hosting and collaboration solutions. MailEnable suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied da...
CVE-2025-34406 MailEnable < 10.54 Reflected XSS in Id Parameter of Mobile/ContactDetails.aspx
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Id parameter of /Mobile/ContactDetails.aspx. The Id value is not properly sanitized when processed via a GET request and is reflected within a block in the response. By supplying a crafted payload...
CVE-2025-34404 MailEnable < 10.54 Reflected XSS in InstanceScope Parameter of CAL/compose.aspx
MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the InstanceScope parameter of /Mondo/lang/sys/Forms/CAL/compose.aspx. The InstanceScope value is not properly sanitized when processed via a GET request and is reflected inside a block in the...
WordPress plugin Advanced FAQ Manager 跨站脚本漏洞
The WordPress Advanced FAQ Manager plugin is a plugin designed for WordPress websites to help users easily create, manage and display Frequently Asked Questions FAQ pages. The WordPress Advanced FAQ Manager plugin suffers from a cross-site scripting vulnerability that stems from improper input...
Selea Targa IP OCR-ANPR Camera 跨站脚本漏洞
Selea Targa IP OCR-ANPR Camera is an IP camera from Selea. A cross-site scripting vulnerability exists in the Selea Targa IP OCR-ANPR Camera that stems from a stored cross-site scripting issue with the fileslist parameter, which could lead to the execution of arbitrary script...
Coohom SaaS Platform 安全漏洞
Coohom SaaS Platform is a cloud-based integration platform from Coohom Inc. in the United States. A security vulnerability exists in Coohom SaaS Platform that originates from stored cross-site scripting and could lead to session hijacking or arbitrary script execution...
Grav Cross-Site Scripting Vulnerability (CNVD-2025-30348)
Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms and one-page product presentations. Grav suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted...
Grav Cross-Site Scripting Vulnerability
Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms and one-page product presentations. Grav suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted...
Grav Cross-Site Scripting Vulnerability (CNVD-2025-30345)
Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms and one-page product presentations. Grav suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted...
Grav Cross-Site Scripting Vulnerability (CNVD-2025-30346)
Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms and one-page product presentations. Grav suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted...
Grav Cross-Site Scripting Vulnerability (CNVD-2025-30347)
Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms and one-page product presentations. Grav suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted...
CVE-2025-58486
Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script...
CVE-2025-58486
Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script...
CVE-2025-58485
Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script...
PT-2025-48604
Name of the Vulnerable Software and Affected Versions Samsung Account versions prior to 15.5.01.1 Description A flaw exists in Samsung Account due to improper input validation. This allows a local attacker to execute arbitrary script. Recommendations Update Samsung Account to version 15.5.01.1 or...
Grav 跨站脚本漏洞
Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms and one-page product presentations. Grav suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted...
Grav 跨站脚本漏洞
Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms and one-page product presentations. Grav suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted...
Grav 跨站脚本漏洞
Grav is an extensible CMS Content Management System for personal blogs, small content publishing platforms and one-page product presentations. Grav suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted...