CVE-2023-37785

A cross-site scripting XSS vulnerability in ImpressCMS v1.4.5 and before allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the smilecode parameter of the component /editprofile.php...

Cross site scripting

A cross-site scripting XSS vulnerability in ImpressCMS v1.4.5 and before allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the smilecode parameter of the component /editprofile.php...

Cross site scripting

Cross-site scripting vulnerability in WRH-300WH-H v2.12 and earlier, and WTC-300HWH v1.09 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...

CVE-2023-37560

Cross-site scripting vulnerability in WRH-300WH-H v2.12 and earlier, and WTC-300HWH v1.09 and earlier allows a remote unauthenticated attacker to inject an arbitrary script...

CVE-2023-37560

CVE-2023-37560 affects ELECOM WRH-300WH-H v2.12 and earlier and WTC-300HWH v1.09 and earlier. It is a cross-site scripting vulnerability that allows a remote unauthenticated attacker to inject arbitrary script, potentially affecting a user’s logged-in browser session. The available mitigation in ...

CVE-2023-37746

A cross-site scripting XSS vulnerability in Maid Hiring Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter of the /admin/contactus.php component...

Discourse 跨站脚本漏洞

Discourse is an open source community discussion platform. The platform includes features such as community, email and chat rooms. Discourse suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which ca...

CVE-2023-37280

Pimcore Admin Classic Bundle (ExtJS-based Backend UI) contains a cross-site scripting vulnerability (CVE-2023-37280) that can be exploited by any admin who has not set up two-factor authentication, without extra privileges. The issue allows execution of arbitrary scripts/HTML content via the admi...

EyouCms Cross-Site Scripting Vulnerability (CNVD-2023-58096)

EyouCms is an open source content management system CMS based on ThinkPHP. EyouCms has a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the Column management module, which can be exploited by an attacker to execute arbitrar...

Cisco Webex Meetings Cross-Site Scripting Vulnerability (CNVD-2023-62934)

Cisco Webex Meetings is a set of video conferencing solutions from Cisco USA. Cisco Webex Meetings suffers from a cross-site scripting vulnerability that stems from a lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary Web...

Hostel Management System 跨站脚本漏洞

PHPGurukul Hostel Management System is a hostel management system. A security vulnerability exists in Hostel Management System version v2.1, which can be exploited to execute arbitrary web script or HTML via the add course drop-down menu...

CVE-2023-37136

A stored cross-site scripting XSS vulnerability in the Basic Website Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2023-37135

A stored cross-site scripting XSS vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2023-37134

A stored cross-site scripting XSS vulnerability in the Basic Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

Cross site scripting

A stored cross-site scripting XSS vulnerability in the Basic Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

Cross site scripting

A stored cross-site scripting XSS vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

Cross site scripting

A cross-site scripting XSS vulnerability in User Registration & Login and User Management System with Admin Panel v3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the first and last name field...

Bagecms 跨站脚本漏洞

BageCMS is a cross-platform content management system CMS based on PHP and MySQL by the BageCMS team in China. A cross-site scripting vulnerability exists in BageCMS v3.1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the custom settings module, and can ...

Cisco Secure Email and Web Manager XSS (cisco-sa-esa-sma-wsa-xss-cP9DuEmq)

According to its self-reported version, Cisco Secure Email and Web Manager is affected by cross-site scripting vulnerabilities. The vulnerability is due to insufficient validation of user input. An attacker could exploit this by persuading a user of an affected interface to click a crafted link. ...

Cisco Secure Web Appliance XSS (cisco-sa-esa-sma-wsa-xss-cP9DuEmq)

According to its self-reported version, Cisco Secure Web Appliance is affected by cross-site scripting vulnerabilities. The vulnerability is due to insufficient validation of user input. An attacker could exploit this by persuading a user of an affected interface to click a crafted link. A...