Lucene search
K

7613 matches found

NVD
NVD
added 2021/09/17 2:15 a.m.10 views

CVE-2021-20825

Cross-site scripting vulnerability in List order management item change plug-in for EC-CUBE 3.0 series Ver.1.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.00733EPSS
Exploits0References2
OSV
OSV
added 2021/09/17 2:15 a.m.11 views

CVE-2021-20825

Cross-site scripting vulnerability in List order management item change plug-in for EC-CUBE 3.0 series Ver.1.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.5AI score
Exploits0References2
Prion
Prion
added 2021/09/17 2:15 a.m.12 views

Cross site scripting

Cross-site scripting vulnerability in Order Status Batch Change Plug-in for EC-CUBE 3.0 series all versions allows a remote attacker to inject an arbitrary script via unspecified vectors...

4.3CVSS5.9AI score0.00748EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/09/17 1:40 a.m.18 views

CVE-2021-20828

Cross-site scripting vulnerability in Order Status Batch Change Plug-in for EC-CUBE 3.0 series all versions allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.2AI score0.00748EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/09/17 1:40 a.m.13 views

CVE-2021-20825

Cross-site scripting vulnerability in List order management item change plug-in for EC-CUBE 3.0 series Ver.1.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.2AI score0.00733EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/09/10 12:0 a.m.5 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

6.1CVSS6.1AI score0.00757EPSS
Exploits0References4
OSV
OSV
added 2021/09/09 11:15 p.m.13 views

CVE-2020-19283

A reflected cross-site scripting XSS vulnerability in the /newVersion component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS6AI score
Exploits0References2
NVD
NVD
added 2021/09/09 6:15 p.m.11 views

CVE-2020-19266

A stored cross-site scripting XSS vulnerability in the index.php/Dswjcms/Site/articleList component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML...

6.1CVSS0.00621EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/09/09 12:0 a.m.6 views

Jeesns 跨站脚本漏洞

JEESNS is a social management system developed on the JAVA enterprise platform. The vulnerability can be exploited to execute arbitrary Web script or HTML via a specially crafted payload in the editor's source field...

5.4CVSS6AI score0.0054EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/09/09 12:0 a.m.4 views

Dswjcms 跨站脚本漏洞

Dswjcms is for individuals and personal lending launched a free p2p open source project , based on Thinkphp architecture of the industry system , fully automated installation mode , quickly build a P2P website . Dswjcms 1.6.4 version of the existence of cross-site scripting vulnerability , the...

6.1CVSS6.3AI score0.00621EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/09/09 12:0 a.m.5 views

JEESNS 跨站脚本漏洞

JEESNS is a social management system developed on the JAVA enterprise platform. The vulnerability can be exploited to execute arbitrary Web script or HTML via a specially crafted payload in the header...

5.4CVSS6AI score0.00639EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/09/09 12:0 a.m.6 views

Jeesns 跨站脚本漏洞

JEESNS is a social management system developed on the JAVA enterprise platform. The vulnerability can be exploited by attackers to execute arbitrary Web script or HTML via a specially crafted payload in the posted question...

5.4CVSS6AI score0.0054EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/09/03 12:0 a.m.25 views

Cisco Prime Collaboration Provisioning XSS (cisco-sa-prime-collab-xss-fQMDE5GO)

According to its self-reported version, Cisco Prime Collaboration Provisioning is affected by a cross-site scripting XSS vulnerability in its web-based management interface due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can...

6.1CVSS6.5AI score0.00774EPSS
Exploits0References3
NVD
NVD
added 2021/09/02 3:15 a.m.19 views

CVE-2021-34732

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input...

6.1CVSS0.00774EPSS
Exploits0References1
Prion
Prion
added 2021/09/02 3:15 a.m.16 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input...

4.3CVSS5.9AI score0.00774EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2021/09/02 3:5 a.m.9 views

CVE-2021-34759 Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the...

4.8CVSS6AI score0.00594EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/09/02 3:5 a.m.13 views

CVE-2021-34732 Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input...

6.1CVSS6.3AI score0.00774EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/09/01 12:0 a.m.32 views

Cisco Application Policy Infrastructure Controller Stored XSS (cisco-sa-capic-scss-bFT75YrM)

According to its self-reported version, Cisco Application Policy Infrastructure Controller is affected by a stored cross-site scripting XSS vulnerability in its Web UI component due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can...

5.4CVSS6.2AI score0.00599EPSS
Exploits0References3
CNVD
CNVD
added 2021/08/31 12:0 a.m.21 views

Indexhibit Cross-Site Scripting Vulnerability (CNVD-2021-67909)

Indexhibit is a web-based content management system. A reflection-based cross-site scripting vulnerability exists in the /plugin/ajax.php component of Indexhibit version 2.1.5. An attacker could use this vulnerability to execute arbitrary web script or HTML...

6.1CVSS3.4AI score0.00574EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/08/31 12:0 a.m.3 views

Nature Easy Soft Network Technology ZenTao 跨站脚本漏洞

Nature Easy Soft Network Technology ZenTao is China's easy soft Tianchuang network technology Nature Easy Soft Network Technology company's open source project management software. The software includes features such as product management, project management, quality management and document...

6.1CVSS6.4AI score0.00838EPSS
Exploits1References1
Rows per page
Query Builder