7613 matches found
CVE-2022-30604
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors...
CVE-2022-29487
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors...
CVE-2022-28715
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors...
CVE-2022-28715
CVE-2022-28715 is a Cross-site scripting vulnerability in Cybozu Office versions 10.0.0–10.8.5. The flaw affects specific parameters and allows a remote attacker to cause arbitrary script execution in a logged-in user’s browser via unspecified vectors (CWE-79). Impact includes the potential for a...
CVE-2022-35133
A cross-site scripting XSS vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node...
CVE-2022-20869
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management...
CVE-2022-20869 Cisco BroadWorks Application Delivery Platform Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. This vulnerability exists because the web-based management...
WordPress Testimonial Slider And Showcase 2.2.6 Cross Site Scripting Vulnerability
Exploit Title: Stored XSS in posttitle parameter in WordPress Plugin "Testimonial Slider and Showcase" 2.2.6 Exploit Author: saitamang , yunaranyancat , amdsyad Vendor Homepage: wordpress Software Link: https://wordpress.org/plugins/testimonial-slider-and-showcase/ Version: 2.2.6 Tested on: Cento...
Cross site scripting
A vulnerability, which was classified as problematic, was found in SourceCodester Online Admission System. Affected is an unknown function of the file index.php. The manipulation of the argument eid with the input 8alert1 leads to cross site scripting. It is possible to launch the attack remotely...
CVE-2022-34618
A stored cross-site scripting XSS vulnerability in Mealie 1.0.0beta3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the recipe description text field...
Veeam Management Pack for Microsoft System Center 跨站脚本漏洞
Veeam Management Pack for Microsoft System Center is an ultra-comprehensive and intuitive extension for System Center from Veeam USA. It supports application-to-host management of VMware vSphere, Microsoft Hyper-V and Veeam Backup & Replication. A security vulnerability exists in Veeam Management...
Cisco Unified Communications Manager XSS (cisco-sa-cucm-xss-ksKd5yfA)
The version of Cisco Unified Communications Manager installed on the remote host is version 14 prior to 14SU2. It is, therefore affect by a cross-site scripting vulnerability XSS in the web-based management interface. An unauthenticated remote attacker can, with the action of an authorized user,...
Cisco Unified Communications Manager IM & Presence XSS (cisco-sa-cucm-xss-ksKd5yfA)
The version of Cisco Unified Communications Manager IM & Presence Service installed on the remote host is 11.51 prior to 11.51SU11, 12.51 prior to 12.51SU6 or 14 prior to 14SU2. It is, therefore affect by a cross-site scripting vulnerability XSS in the web-based management interface. An...
Cross site scripting
A vulnerability in SAP NW EP WPC - versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote attacker to conduct a Cross-Site XSS scripting attack. A successful exploit could allow the attacker to execute arbitrary script code which could lead to...
Cross site scripting
Cross-site scripting vulnerability in LiteCart versions prior to 2.4.2 allows a remote attacker to inject an arbitrary script via unspecified vectors...
CVE-2022-27168
Cross-site scripting vulnerability in LiteCart versions prior to 2.4.2 allows a remote attacker to inject an arbitrary script via unspecified vectors...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified CM Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, and Cisco Unity Connection could...
CVE-2022-20815 Cisco Unified Communications Products Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified CM Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to...
CVE-2022-20815 Cisco Unified Communications Products Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified CM Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to...