CVE-2023-41156

A Stored Cross-Site Scripting XSS vulnerability in the filter and forward mail tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the save to new folder named field while creating a new filter...

CVE-2023-41159

A Stored Cross-Site Scripting XSS vulnerability while editing the autoreply file page in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML by editing the forward file manually...

CVE-2023-41160

A Stored Cross-Site Scripting XSS vulnerability in the SSH configuration tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the key name field while adding an authorized key...

CVE-2023-41155

A Stored Cross-Site Scripting XSS vulnerability in the mail forwarding and replies tab in Webmin and Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the forward to field while creating a mail forwarding rule...

CVE-2023-41152

A Stored Cross-Site Scripting XSS vulnerability in the MIME type programs tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the handle program field while creating a new MIME type program...

Cross site scripting

A Reflected Cross-site scripting XSS vulnerability in the file manager tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the file mask field while searching under the tools drop down...

Cross site scripting

A Stored Cross-Site Scripting XSS vulnerability in the MIME type programs tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the description field while creating a new MIME type program...

CVE-2023-41154

A Stored Cross-Site Scripting XSS vulnerability in the scheduled cron jobs tab in Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the value field parameter while creating a new environment variable...

CVE-2023-41155

A Stored Cross-Site Scripting XSS vulnerability in the mail forwarding and replies tab in Webmin and Usermin 2.000 allows remote attackers to inject arbitrary web script or HTML via the forward to field while creating a mail forwarding rule...

Cross site scripting

Cross Site Scripting XSS in Webmail Calendar in IceWarp 10.3.1 allows remote attackers to inject arbitrary web script or HTML via the "p4" field...

CVE-2023-41013

Cross Site Scripting XSS in Webmail Calendar in IceWarp 10.3.1 allows remote attackers to inject arbitrary web script or HTML via the "p4" field...

CVE-2023-39710

Multiple cross-site scripting XSS vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Customer section...

CVE-2023-41153

A Stored Cross-Site Scripting XSS vulnerability in the SSH configuration tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via options for the host value while editing the host options...

HumbertoCaldas CMS 0.1.3 Cross Site Scripting

==================================================================================================================================== | Title : HumbertoCaldas Cms v0.1.3 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit | |...

CVE-2022-48547

A reflected cross-site scripting XSS vulnerability in Cacti 0.8.7g and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML in the "ref" parameter at authchangepassword.php...

ZOHO ManageEngine Password Manager Pro Cross-Site Scripting Vulnerability

ZOHO ManageEngine Password Manager Pro is a password manager from ZOHO USA. ZOHO ManageEngine Password Manager Pro suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the query report function, which can be...

CrafterCMS is an open source headless CMS for enterprise-level websites and other content-driven digital experiences, especially those that are high-performance, large-scale and ultra-secure. CrafterCMS suffers from a cross-site scripting vulnerability in versions 3.1.0 through 3.1.27 and 4.0.0 through 4.0.2. The vulnerability is due to improper neutralization of inputs during page generation allowing for reflected XSS.No detailed vulnerability details are available at this time.

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Cleaning Business Software Cross-Site Scripting Vulnerability

Cleaning Business Software is PHPJabbers open source a cleaning business software. Cleaning Business Software v1.0 version of the existence of cross-site scripting vulnerabilities , the vulnerability stems from the file / index.php parameter index of the user-supplied data lack of effective...

Availability Booking Calendar PHP Cross Site Scripting Vulnerability

Availability Booking Calendar PHP is GZ Scripts open source an availability booking calendar system . Availability Booking Calendar PHP v1.0 version of a cross-site scripting vulnerability , the vulnerability stems from the file index.php parameter promocode on the user-supplied data lack of...

Diafan CMS Cross-Site Scripting Vulnerability

Diafan CMS is a website builder from Diafan. It is used to create online stores. A cross-site scripting vulnerability exists in Diafan CMS v6.0, which originates from the lack of effective filtering and escaping of user-supplied data in the catid parameter of /shop/?module=shop&action=search, whi...