Lucene search
K

7613 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/01/25 12:0 a.m.44 views

JVN#70100915: Multiple vulnerabilities in TransmitMail

TransmitMail is a PHP based mail form system. TransmitMail contains multiple vulnerabilities listed below. Directory traversal vulnerability due to the improper validation of external input values CWE-22 - CVE-2022-22146 Version| Vector| Score ---|---|--- CVSS v3|...

7.5CVSS7.1AI score0.02001EPSS
Exploits0
CNVD
CNVD
added 2022/01/21 12:0 a.m.18 views

Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-06378)

Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco, which are used to configure firewall, VPN, and intrusion protection security services on Cisco networks and security devices. cross-site scripting vulnerability exists in Cisco Security Manager, which stem...

6.1CVSS1.4AI score0.00759EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/18 12:0 a.m.20 views

Cisco Security Manager Cross-Site Scripting Vulnerability

Cisco Security Manager CSM is a set of enterprise-level management applications from Cisco, which are used to configure firewall, VPN, and intrusion protection security services on Cisco networks and security devices. cross-site scripting vulnerability exists in Cisco Security Manager, which stem...

6.1CVSS3.3AI score0.00759EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/18 12:0 a.m.4 views

WordPress plugin 跨站脚本漏洞

WordPress plugin is an open source application plugin for WordPress. WordPress plugin suffers from a cross-site scripting vulnerability that stems from insufficient escaping via the loadertext parameter in the /includes/templates/landing-page.php file, which allows an attacker with administrative...

4.8CVSS5.1AI score0.00856EPSS
Exploits1References4
CNVD
CNVD
added 2022/01/18 12:0 a.m.23 views

Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-04813)

Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco, which is mainly used to configure firewall, VPN and intrusion protection security services on Cisco networks and security devices.A cross-site scripting vulnerability exists in Cisco Security Manager, whic...

6.1CVSS3.4AI score0.00759EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/18 12:0 a.m.19 views

Cisco Security Manager Cross-Site Scripting Vulnerability (CNVD-2022-04814)

Cisco Security Manager CSM is a set of enterprise-class management applications from Cisco, which is mainly used to configure firewall, VPN and intrusion protection security services on Cisco networks and security devices.A cross-site scripting vulnerability exists in Cisco Security Manager, whic...

6.1CVSS3.4AI score0.00759EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/01/17 10:15 a.m.6 views

CVE-2022-0181

Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS5.9AI score0.01277EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/01/17 10:15 a.m.15 views

CVE-2022-0182

Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary script via an website that uses Quiz And Survey Master...

5.4CVSS0.00974EPSS
Exploits0References3
NVD
NVD
added 2022/01/17 10:15 a.m.20 views

CVE-2022-0181

Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.01277EPSS
Exploits0References3
Prion
Prion
added 2022/01/17 10:15 a.m.15 views

Cross site scripting

Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspecified vectors...

4.3CVSS6.3AI score0.01277EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2022/01/17 10:15 a.m.13 views

Cross site scripting

Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary script via an website that uses Quiz And Survey Master...

3.5CVSS5.6AI score0.00974EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/01/17 9:10 a.m.17 views

CVE-2022-0182

Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary script via an website that uses Quiz And Survey Master...

5.9AI score0.00974EPSS
Exploits0References3
Veracode
Veracode
added 2022/01/15 12:5 a.m.19 views

Remote Code Execution (RCE)

chromium-browser:bionic is vulnerable to remote code execution RCE attacks. A malicious user can inject and execute arbitrary script...

6.5CVSS3.2AI score0.00847EPSS
Exploits1References9Affected Software3
NVD
NVD
added 2022/01/14 8:15 p.m.9 views

CVE-2022-22531

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified...

8.1CVSS0.00849EPSS
Exploits0References2
Prion
Prion
added 2022/01/14 8:15 p.m.13 views

Code injection

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified...

5.5CVSS7.8AI score0.00849EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/01/14 7:11 p.m.14 views

CVE-2022-22531

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified...

8.1AI score0.00849EPSS
Exploits0References2
NVD
NVD
added 2022/01/14 5:15 a.m.16 views

CVE-2022-20637

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...

6.1CVSS0.00759EPSS
Exploits0References1
NVD
NVD
added 2022/01/14 5:15 a.m.13 views

CVE-2022-20639

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...

6.1CVSS0.00759EPSS
Exploits0References1
NVD
NVD
added 2022/01/14 5:15 a.m.17 views

CVE-2022-20641

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...

6.1CVSS0.00759EPSS
Exploits0References1
NVD
NVD
added 2022/01/14 5:15 a.m.24 views

CVE-2022-20646

Multiple vulnerabilities in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the...

6.1CVSS0.00759EPSS
Exploits0References1
Rows per page
Query Builder