Lucene search
K

7613 matches found

CNNVD
CNNVD
added 2022/02/25 12:0 a.m.3 views

Notimoo 跨站脚本漏洞

Notimoo is a method for web developers to display notifications to users. PaquitoSoftware Notimoo suffers from a cross-site scripting vulnerability that can be exploited by attackers to execute arbitrary web script or HTML via a carefully crafted header or message in a notification...

6.1CVSS5.5AI score0.00611EPSS
Exploits1References2
OSV
OSV
added 2022/02/24 7:15 p.m.4 views

CVE-2022-25305

The WP Statistics WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the IP parameter found in the /includes/class-wp-statistics-ip.php file which allows attackers to inject arbitrary web scripts onto several pages that execute when site...

6.1CVSS5.7AI score0.81157EPSS
Exploits1References3
NVD
NVD
added 2022/02/24 3:15 p.m.14 views

CVE-2022-24374

Cross-site scripting vulnerability in a-blog cms Ver.2.8.x series versions prior to Ver.2.8.75, Ver.2.9.x series versions prior to Ver.2.9.40, Ver.2.10.x series versions prior to Ver.2.10.44, Ver.2.11.x series versions prior to Ver.2.11.42, and Ver.3.0.x series versions prior to Ver.3.0.1 allows ...

6.1CVSS0.00891EPSS
Exploits0References2
NVD
NVD
added 2022/02/24 3:15 p.m.13 views

CVE-2022-24435

Cross-site scripting vulnerability in phpUploader v1.2 and earlier allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.00932EPSS
Exploits0References2
OSV
OSV
added 2022/02/24 3:15 p.m.21 views

CVE-2022-24435

Cross-site scripting vulnerability in phpUploader v1.2 and earlier allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.7AI score
Exploits0References2
Prion
Prion
added 2022/02/24 3:15 p.m.10 views

Cross site scripting

Cross-site scripting vulnerability in phpUploader v1.2 and earlier allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors...

4.3CVSS6.2AI score0.00932EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/02/24 9:50 a.m.21 views

CVE-2022-24435

Cross-site scripting vulnerability in phpUploader v1.2 and earlier allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors...

6.5AI score0.00932EPSS
Exploits0References2
CVE
CVE
added 2022/02/24 9:50 a.m.100 views

CVE-2022-24374

Summary: CVE-2022-24374 describes a cross-site scripting (XSS) vulnerability in a-blog CMS. The connected Red Hat advisory for CVE-2022-23916 confirms the same underlying issue across multiple branches and provides concrete fixed versions. Affected platforms/versions: a-blog CMS Ver. 2.8.x < 2...

6.1CVSS6AI score0.00891EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2022/02/18 12:0 a.m.35 views

Cisco Prime Infrastructure and Cisco EPN Manager跨站脚本漏洞

Cisco Prime Infrastructure is an application from Cisco, Inc. A cross-site scripting vulnerability exists in Cisco Prime Infrastructure and Cisco EPN Manager, which could be exploited by an attacker to execute arbitrary script code or access sensitive browser-based information in the context of t...

6.1CVSS2.6AI score0.01213EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/02/17 3:0 p.m.9 views

CVE-2022-20659 Cisco Prime Infrastructure and Evolved Programmable Network Manager Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network EPN Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This...

6.1CVSS6.1AI score0.01213EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/02/17 6:20 a.m.3 views

Multiple vulnerabilities in phpUploader

Overview phpUploader provided by Dojin Club MICMNIS contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2022-24435 SQL Injection CWE-89 - CVE-2022-23986 Toyama Taku reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information...

7.5CVSS7.4AI score0.01664EPSS
Exploits0References8
Prion
Prion
added 2022/02/15 2:15 p.m.13 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in the component /core/admin/categories.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content and thumbnail parameters...

3.5CVSS5.2AI score0.00736EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/15 12:0 a.m.6 views

CVE-2022-24227

A cross-site scripting XSS vulnerability in BoltWire v7.10 and v 8.00 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the name and lastname parameters...

5.9AI score0.02221EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/02/15 12:0 a.m.3 views

PluXml 安全漏洞

PluXml is a free and open source content management system that does not require a database to work. PluXml suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML...

5.4CVSS5.9AI score0.00732EPSS
Exploits1References2
NVD
NVD
added 2022/02/08 11:15 a.m.14 views

CVE-2022-21805

Reflected cross-site scripting vulnerability in the attached file name of phpmailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.00955EPSS
Exploits0References2
NVD
NVD
added 2022/02/08 11:15 a.m.18 views

CVE-2022-22146

Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.00761EPSS
Exploits0References2
OSV
OSV
added 2022/02/08 11:15 a.m.16 views

CVE-2022-22146

Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.9AI score
Exploits0References2
OSV
OSV
added 2022/02/08 11:15 a.m.20 views

CVE-2022-22142

Reflected cross-site scripting vulnerability in the checkbox of phpmailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.3AI score
Exploits0References2
NVD
NVD
added 2022/02/08 11:15 a.m.12 views

CVE-2021-20877

Cross-site scripting vulnerability in Canon laser printers and small office multifunctional printers LBP162L/LBP162, MF4890dw, MF269dw/MF265dw/MF264dw/MF262dw, MF249dw/MF245dw/MF244dw/MF242dw/MF232w, and MF229dw/MF224dw/MF222dw sold in Japan, imageCLASS MF Series...

4.8CVSS0.00842EPSS
Exploits0References5
OSV
OSV
added 2022/02/08 11:15 a.m.18 views

CVE-2022-21241

Cross-site scripting vulnerability in CSV+ prior to 0.8.1 allows a remote unauthenticated attacker to inject an arbitrary script or an arbitrary OS command via a specially crafted CSV file that contains HTML a tag...

9.6CVSS6.8AI score
Exploits0References2
Rows per page
Query Builder