3237 matches found
Cross-Site Scripting (XSS)
servicestack is vulnerable to cross-site scripting XSS. A remote attacker is able to inject and execute arbitrary Javascript in a user's browser via a malicious URL to the application...
Cross site scripting
A reflected Cross Site Scripting XXS vulnerability in ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user’s browser...
Esri Arcgis Server 跨站脚本漏洞
ArcGIS Server is the back-end server software component of ArcGIS Enterprise from Esri that makes your geographic information available to others in your organization, and optionally makes it available to anyone with an Internet connection. A reflected cross-site scripting vulnerability exists in...
Cross site scripting
A reflected Cross Site Scripting XSS vulnerability in Esri ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user’s browser...
CVE-2021-29106 There is a reflected Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server version 10.8.1 and below.
A reflected Cross Site Scripting XSS vulnerability in Esri ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user’s browser...
CVE-2021-29106 There is a reflected Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server version 10.8.1 and below.
A reflected Cross Site Scripting XSS vulnerability in Esri ArcGIS Server version 10.8.1 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user’s browser...
Esri Arcgis Server 跨站脚本漏洞
ArcGIS Server is the back-end server software component of ArcGIS Enterprise from Esri that makes your geographic information available to others in your organization, and optionally makes it available to anyone with an Internet connection. A reflected cross-site scripting vulnerability exists in...
Apache Jena Fuseki Cross-Site Scripting Vulnerability
Apache Jena Fuseki is a SPARQL server from the Apache Foundation USA. It can run as an operating system service, as a Java Web application WAR file, and as a standalone server. A cross-site scripting vulnerability exists in Apache Jena Fuseki versions 2.0.0 through 4.0.0, which can be exploited b...
CVE-2021-33192
A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views. This issue affects Apache Jena Fuseki from version 2.0.0 to version 4.0.0 inclusive...
CVE-2021-33192
A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views. This issue affects Apache Jena Fuseki from version 2.0.0 to version 4.0.0 inclusive...
CVE-2021-33192 Display information UI XSS
A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views. This issue affects Apache Jena Fuseki from version 2.0.0 to version 4.0.0 inclusive...
Zimbra Collaboration Suite Cross-Site Scripting Vulnerability
Zimbra Collaboration Suite ZCS is a collaboration software suite that includes an email server and web client. A cross-site scripting vulnerability exists in the login component of the web client for Zimbra Collaboration Suite. An attacker could exploit this vulnerability by adding executable...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
💥 BUG Stored xss 2 💥 VERSION TESTED latest version as of 4/7/21 💥 IMPACT xss allow to execute arbitary javascript in vicitm account 💥 STEP TO REPRODUCE 1. goto http://localhost/online-rental/app/admin/pageSettings.php and click on Sign Up tab .\ put bellow xss payload xss2"' in Members custom...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
💥 BUG Stored xss via signup page 💥 VERSION TESTED latest version as of 4/7/21 💥 IMPACT xss allow to execute arbitary javascript in vicitm account 💥 STEP TO REPRODUCE 1. goto http://localhost/online-rental/app/admin/pageSettings.php and click on Sign Up tab . Here allow signup.\ now put bellow xss...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
💥 BUG Stored xss via anonymouse-group 💥 VERSION TESTED latest version as of 4/7/21 💥 IMPACT xss allow to execute arbitary javascript in vicitm account 💥 STEP TO REPRODUCE 1. goto http://localhost/online-rental/app/admin/pageSettings.php and click Preconfigured users and groups tab .\ put bellow...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
💥 BUG xss via unpaid-invoice-comment 💥 VERSION TESTED latest version as of 3/7/21 💥 IMPACT xss allow to execute arbitary javascript in vicitm account 💥 STEP TO REPRODUCE 1. goto http://localhost/online-invoice3/app/hooks/calendar-unpaid-invoices.php?date=2021-06-03&view=dayGridMonth and create a...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
💥 BUG xss via Applications/Leases 💥 VERSION TESTED latest version as of 1/7/21 💥 IMPACT xss allow to execute arbitary javascript in vicitm account 💥 STEP TO REPRODUCE 1. goto http://localhost/online-rental/app/applicationsleasesview.php and create a new application .\ During creation put bellow...
Cross site scripting
An issue was discovered in Zimbra Collaboration Suite 8.8 before 8.8.15 Patch 23 and 9.0 before 9.0.0 Patch 16. An XSS vulnerability exists in the login component of Zimbra Web Client, in which an attacker can execute arbitrary JavaScript by adding executable JavaScript to the loginErrorCode...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
💥 BUG xss via groupname 💥 VERSION TESTED latest version as of 1/7/21 💥 IMPACT xss allow to execute arbitary javascript in vicitm account 💥 STEP TO REPRODUCE 1. first goto http://localhost/online-invoice2/app/admin/pageEditGroup.php and add a new group and put bellow xss payload in group-name....
AKCP sensorProbe SPX476 - (Multiple) Cross-Site Scripting Vulnerability
Exploit Title: AKCP sensorProbe SPX476 - 'Multiple' Cross-Site Scripting XSS Exploit Author: Tyler Butler Vendor Homepage: https://www.akcp.com/ Software Link: https://www.akcp.com/support-center/customer-login/sensorprobe-series-firmware-download/ Advisory:...