Lucene search
K

7613 matches found

NVD
NVD
added 2021/10/13 9:15 a.m.16 views

CVE-2021-20799

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

5.4CVSS0.00588EPSS
Exploits0References2
Prion
Prion
added 2021/10/13 9:15 a.m.16 views

Cross site scripting

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

3.5CVSS5.7AI score0.00585EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/10/13 9:15 a.m.17 views

Cross site scripting

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

3.5CVSS5.7AI score0.00588EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/10/13 9:15 a.m.21 views

Cross site scripting

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

3.5CVSS5.7AI score0.00585EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/10/13 9:15 a.m.12 views

Cross site scripting

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9 allows a remote attacker to inject an arbitrary script via unspecified vectors...

4.3CVSS6.6AI score0.0073EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/10/13 9:15 a.m.16 views

Cross site scripting

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

3.5CVSS5.7AI score0.00588EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/10/13 8:31 a.m.14 views

CVE-2021-20807

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.8AI score0.0073EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/10/13 8:30 a.m.20 views

CVE-2021-20800

Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

6.1AI score0.00585EPSS
Exploits0References2
Veracode
Veracode
added 2021/10/08 7:58 a.m.15 views

Cross-Site Scripting (XSS)

teddy is vulnerable to cross-site scripting XSS attacks. The vulnerability exists because it does not properly escape the user-supplied input in 'utils.js' allowing the attacker to inject arbitrary script...

6.1CVSS3.2AI score0.01091EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2021/10/06 8:15 p.m.15 views

CVE-2021-34742

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation o...

6.1CVSS0.0075EPSS
Exploits0References1
Prion
Prion
added 2021/10/06 8:15 p.m.19 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation o...

4.3CVSS5.9AI score0.0075EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2021/10/06 7:46 p.m.9 views

CVE-2021-34742 Cisco Vision Dynamic Signage Director Reflected Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation o...

6.1CVSS6.1AI score0.0075EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/10/06 7:46 p.m.22 views

CVE-2021-34742 Cisco Vision Dynamic Signage Director Reflected Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation o...

6.1CVSS6.1AI score0.0075EPSS
Exploits0References1
OSV
OSV
added 2021/10/01 4:15 p.m.11 views

CVE-2021-41467

Cross-site scripting XSS vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and below allow remote attackers to inject arbitrary web script or HTML via the challenge parameter...

6.1CVSS6.1AI score
Exploits0References2
Cvelist
Cvelist
added 2021/09/29 9:29 p.m.22 views

CVE-2020-20131

LaraCMS v1.0.1 contains a stored cross-site scripting XSS vulnerability which allows atackers to execute arbitrary web scripts or HTML via a crafted payload in the page management module...

5.3AI score0.00576EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/09/29 12:0 a.m.5 views

LaraCms 跨站脚本漏洞

LaraCms is a modern content management system in China. version 1.0.1 of LaraCMS contains a cross-site scripting vulnerability that can be exploited by attackers to execute arbitrary web scripts or HTML via specially crafted loads in the content editor...

5.4CVSS5.7AI score0.00576EPSS
Exploits1References1
CNVD
CNVD
added 2021/09/28 12:0 a.m.8 views

Gila CMS Cross-Site Scripting Vulnerability (CNVD-2021-84285)

Gila CMS is an open source content management system CMS based on PHP and MySQL. Gila CMS suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML via a crafted payload in a markup field...

5.4CVSS6.3AI score0.00477EPSS
Exploits1References1
OSV
OSV
added 2021/09/27 10:15 p.m.18 views

CVE-2020-20691

An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files...

6.5CVSS7.2AI score
Exploits0References1
CNNVD
CNNVD
added 2021/09/27 12:0 a.m.5 views

Monstra CMS 代码问题漏洞

Monstra CMS is a lightweight PHP-based content management system CMS from the Ukrainian personal developer Sergey Romanenko.A code issue vulnerability exists in Monstra CMS v3.0.4, which could be exploited by attackers to execute arbitrary web scripts or HTML...

6.5CVSS7AI score0.00896EPSS
Exploits1References1
OSV
OSV
added 2021/09/21 10:15 a.m.12 views

CVE-2021-20829

Cross-site scripting vulnerability due to the inadequate tag sanitization in GROWI versions v4.2.19 and earlier allows remote attackers to execute an arbitrary script on the web browser of the user who accesses a specially crafted page...

6.1CVSS6.9AI score
Exploits0References2
Rows per page
Query Builder