7613 matches found
CVE-2021-20825
Cross-site scripting vulnerability in List order management item change plug-in for EC-CUBE 3.0 series Ver.1.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...
CVE-2021-20825
Cross-site scripting vulnerability in List order management item change plug-in for EC-CUBE 3.0 series Ver.1.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...
Cross site scripting
Cross-site scripting vulnerability in Order Status Batch Change Plug-in for EC-CUBE 3.0 series all versions allows a remote attacker to inject an arbitrary script via unspecified vectors...
CVE-2021-20828
Cross-site scripting vulnerability in Order Status Batch Change Plug-in for EC-CUBE 3.0 series all versions allows a remote attacker to inject an arbitrary script via unspecified vectors...
CVE-2021-20825
Cross-site scripting vulnerability in List order management item change plug-in for EC-CUBE 3.0 series Ver.1.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...
CVE-2020-19283
A reflected cross-site scripting XSS vulnerability in the /newVersion component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML...
CVE-2020-19266
A stored cross-site scripting XSS vulnerability in the index.php/Dswjcms/Site/articleList component of Dswjcms 1.6.4 allows attackers to execute arbitrary web scripts or HTML...
Jeesns 跨站脚本漏洞
JEESNS is a social management system developed on the JAVA enterprise platform. The vulnerability can be exploited to execute arbitrary Web script or HTML via a specially crafted payload in the editor's source field...
Dswjcms 跨站脚本漏洞
Dswjcms is for individuals and personal lending launched a free p2p open source project , based on Thinkphp architecture of the industry system , fully automated installation mode , quickly build a P2P website . Dswjcms 1.6.4 version of the existence of cross-site scripting vulnerability , the...
JEESNS 跨站脚本漏洞
JEESNS is a social management system developed on the JAVA enterprise platform. The vulnerability can be exploited to execute arbitrary Web script or HTML via a specially crafted payload in the header...
Jeesns 跨站脚本漏洞
JEESNS is a social management system developed on the JAVA enterprise platform. The vulnerability can be exploited by attackers to execute arbitrary Web script or HTML via a specially crafted payload in the posted question...
Cisco Prime Collaboration Provisioning XSS (cisco-sa-prime-collab-xss-fQMDE5GO)
According to its self-reported version, Cisco Prime Collaboration Provisioning is affected by a cross-site scripting XSS vulnerability in its web-based management interface due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can...
CVE-2021-34732
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input...
CVE-2021-34759 Cisco Identity Services Engine Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the...
CVE-2021-34732 Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input...
Cisco Application Policy Infrastructure Controller Stored XSS (cisco-sa-capic-scss-bFT75YrM)
According to its self-reported version, Cisco Application Policy Infrastructure Controller is affected by a stored cross-site scripting XSS vulnerability in its Web UI component due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can...
Indexhibit Cross-Site Scripting Vulnerability (CNVD-2021-67909)
Indexhibit is a web-based content management system. A reflection-based cross-site scripting vulnerability exists in the /plugin/ajax.php component of Indexhibit version 2.1.5. An attacker could use this vulnerability to execute arbitrary web script or HTML...
Nature Easy Soft Network Technology ZenTao 跨站脚本漏洞
Nature Easy Soft Network Technology ZenTao is China's easy soft Tianchuang network technology Nature Easy Soft Network Technology company's open source project management software. The software includes features such as product management, project management, quality management and document...