CVE-2020-13628

Cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5,...

Cross site scripting

Cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5,...

CVE-2020-13628

Cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5,...

CVE-2020-13627

Cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5,...

Microsoft Windows Contact Files HTML Injection

A html injection vulnerability exists in Microsoft. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

Orchard Core RC1 - Persistent Cross-Site Scripting

Exploit Title: Orchard Core RC1 - Persistent Cross-Site Scripting Google Dork: "Orchardcms" Date: 2020-05-07 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: http://www.orchardcore.net/ Software Link: https://github.com/OrchardCMS/OrchardCore Version: RC1 Tested on: Windows CVE...

CVE-2020-12708

Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the catid parameter to downloads/downloads.php or article.php. NOTE: this might overlap CVE-2012-6043...

Cross site scripting

Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the go parameter to faq/faqadmin.php or shoutboxpanel/shoutboxadmin.php...

Cross site scripting

Cross-site scripting XSS vulnerability in mailhive/cloudbeez/cloudloader.php and mailhive/cloudbeez/cloudloadercore.php in the MailBeez plugin for ZenCart before 3.9.22 allows remote attackers to inject arbitrary web script or HTML via the cloudloadermode parameter...

Cross site scripting

Cross-site scripting vulnerability in Sales Force Assistant version 11.2.48 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the application 'E-mail'...

CVE-2020-5568

Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 5.0.0 allows remote attackers to inject arbitrary web script or HTML via the applications 'Messages' and 'Bulletin Board'...

Cross-Site Scripting (XSS)

tomcat5 is vulnerable to cross-site scripting XSS. The Tomcat security update RHSA-2009:1164 did not, unlike the erratum text stated, provide a fix for CVE-2009-0781, a cross-site scripting XSS flaw in the examples calendar application. With some web browsers, remote attackers could use this flaw...

Cross site scripting

A cross-site scripting XSS vulnerability in the index page of the CLink Office 2.0 management console allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

Terramaster TOS Cross Site Scripting (CVE-2018-13334; CVE-2018-13335; CVE-2018-13357)

A cross site scripting exists in Terramaster TOS. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

CVE-2019-13495

In firmware version 4.50 of Zyxel XGS2210-52HP, multiple stored cross-site scripting XSS issues allows remote authenticated users to inject arbitrary web script via an rpSys.html Name or Location field...

Wordpress WPForms Plugin Cross-Site Scripting (CVE-2020-10385)

A cross-site scripting vulnerability exists in Wordpress WPForms plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

CVE-2020-5559

Cross-site scripting vulnerability in WL-Enq 1.11 and 1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2020-5557

Cross-site scripting vulnerability in CuteNews 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting vulnerability in CuteNews 2.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...