7613 matches found
JVN#70100915: Multiple vulnerabilities in TransmitMail
TransmitMail is a PHP based mail form system. TransmitMail contains multiple vulnerabilities listed below. Directory traversal vulnerability due to the improper validation of external input values CWE-22 - CVE-2022-22146 Version| Vector| Score ---|---|--- CVSS v3|...
Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-06378)
Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco, which are used to configure firewall, VPN, and intrusion protection security services on Cisco networks and security devices. cross-site scripting vulnerability exists in Cisco Security Manager, which stem...
Cisco Security Manager Cross-Site Scripting Vulnerability
Cisco Security Manager CSM is a set of enterprise-level management applications from Cisco, which are used to configure firewall, VPN, and intrusion protection security services on Cisco networks and security devices. cross-site scripting vulnerability exists in Cisco Security Manager, which stem...
WordPress plugin 跨站脚本漏洞
WordPress plugin is an open source application plugin for WordPress. WordPress plugin suffers from a cross-site scripting vulnerability that stems from insufficient escaping via the loadertext parameter in the /includes/templates/landing-page.php file, which allows an attacker with administrative...
Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-04813)
Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco, which is mainly used to configure firewall, VPN and intrusion protection security services on Cisco networks and security devices.A cross-site scripting vulnerability exists in Cisco Security Manager, whic...
Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-04814)
Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco, which is mainly used to configure firewall, VPN and intrusion protection security services on Cisco networks and security devices.A cross-site scripting vulnerability exists in Cisco Security Manager, whic...
CVE-2022-0181
Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspecified vectors...
CVE-2022-0182
Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary script via an website that uses Quiz And Survey Master...
CVE-2022-0181
Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspecified vectors...
Cross site scripting
Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspecified vectors...
Cross site scripting
Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary script via an website that uses Quiz And Survey Master...
CVE-2022-0182
Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary script via an website that uses Quiz And Survey Master...
Remote Code Execution (RCE)
chromium-browser:bionic is vulnerable to remote code execution RCE attacks. A malicious user can inject and execute arbitrary script...
CVE-2022-22531
The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified...
Code injection
The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified...
CVE-2022-22531
The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified...
CVE-2022-20637
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
CVE-2022-20639
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
CVE-2022-20641
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...
CVE-2022-20646
Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...