Lucene search
K

7613 matches found

CNNVD
CNNVD
added 2022/12/05 12:0 a.m.4 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress versions prior to 6.0.3. An attacker exploiting this...

6.1CVSS5.8AI score0.00958EPSS
Exploits0References4
Prion
Prion
added 2022/12/02 8:15 p.m.11 views

Cross site scripting

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /projects/listprojects.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

4.9CVSS5.3AI score0.00415EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/12/02 8:15 p.m.14 views

Cross site scripting

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field...

4.9CVSS5.3AI score0.00405EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/02 12:0 a.m.4 views

CVE-2022-44961

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /forums/editforum.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

5.3AI score0.00405EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/12/02 12:0 a.m.5 views

CVE-2022-44962

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /calendar/viewcalendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject field...

5.3AI score0.00405EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/12/02 12:0 a.m.6 views

CVE-2022-44950

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting XSS vulnerability in the Add New Field function at /index.php?module=entities/fields&entitiesid=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name...

5.8AI score0.0094EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/12/02 12:0 a.m.7 views

CVE-2022-44957

webtareas 2.4p5 was discovered to contain a cross-site scripting XSS vulnerability in the component /clients/listclients.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

6.2AI score0.0104EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/12/01 12:0 a.m.26 views

Cisco Firepower Management Center Software XSS Vulnerabilities (cisco-sa-fmc-xss-LATZYzxs)

The version of Cisco Firepower Management Center installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to...

4.8CVSS5.5AI score0.00473EPSS
Exploits0References31
Cvelist
Cvelist
added 2022/11/30 7:24 p.m.22 views

CVE-2022-37926

A vulnerability within the web-based management interface of EdgeConnect Enterprise could allow a remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface by uploading a specially crafted file. A successful exploit could allow an attacker to execute...

5.5CVSS5.5AI score0.00469EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/11/30 7:22 p.m.23 views

CVE-2022-37925

A vulnerability within the web-based management interface of Aruba EdgeConnect Enterprise could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim...

6.1CVSS6.1AI score0.0049EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/30 7:22 p.m.6 views

CVE-2022-37925

A vulnerability within the web-based management interface of Aruba EdgeConnect Enterprise could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim...

6.1CVSS6AI score0.0049EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/28 12:0 a.m.5 views

PT-2022-27444 · Unknown · Web-Based Student Clearance System

Name of the Vulnerable Software and Affected Versions: Web-Based Student Clearance System version 1.0 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the txtfullname parameter in the Admin/add-admin.php file. This enables the...

4.8CVSS5.5AI score0.00467EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/11/28 12:0 a.m.16 views

CVE-2022-45214

A cross-site scripting XSS vulnerability in Sanitization Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter at /php-sms/classes/Login.php...

6AI score0.00423EPSS
Exploits1References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/11/25 12:0 a.m.49 views

JVN#53682526: Multiple cross-site scripting vulnerabilities in baserCMS

baserCMS provided by baserCMS Users Community contains multiple cross-site scripting vulnerabilities listed below. Stored cross-site scripting vulnerability in User management CWE-79 - CVE-2022-39325 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N| Base...

6.1CVSS5.5AI score0.00586EPSS
Exploits0
CVE
CVE
added 2022/11/25 12:0 a.m.79 views

CVE-2022-45038

WBCE CMS v1.5.4 suffers a stored XSS in /admin/settings/save.php, exploitable via a crafted payload in the Website Footer field. Impact described: arbitrary script execution in users' browsers, with risks such as data theft, session hijacking, or page defacement. Affected component: admin/setting...

5.4CVSS5.2AI score0.01024EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/25 12:0 a.m.5 views

CVE-2022-45037

A cross-site scripting XSS vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Display Name field...

5.3AI score0.01024EPSS
Exploits1References1
OSV
OSV
added 2022/11/23 9:15 p.m.3 views

CVE-2022-45280

A cross-site scripting XSS vulnerability in the Url parameter in /login.php of EyouCMS v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.9AI score0.00343EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2022/11/23 12:0 a.m.9 views

Pimcore Cross Site Scripting (CVE-2022-0831; CVE-2022-0832)

A cross site scripting vulnerability exists in Pimcore. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary script into the affected system...

3.5CVSS4.9AI score0.6662EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2022/11/23 12:0 a.m.7 views

CVE-2022-45280

A cross-site scripting XSS vulnerability in the Url parameter in /login.php of EyouCMS v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.8AI score0.00343EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/11/21 12:0 a.m.7 views

CVE-2022-45013

A cross-site scripting XSS vulnerability in the Show Advanced Option module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Section Header field...

4.9AI score0.00493EPSS
Exploits0References3
Rows per page
Query Builder