Lucene search
K

7613 matches found

CNNVD
CNNVD
added 2021/07/08 12:0 a.m.4 views

Cisco Identity Services Engine 跨站脚本漏洞

Cisco Identity Services Engine ISE is a next-generation identity and access control policy platform that enables organizations to enforce compliance, enhance infrastructure security, and streamline their service operations. A stored cross-site scripting vulnerability exists in the Web management...

4.8CVSS5.7AI score0.00594EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/07/07 12:0 a.m.4 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress's WP suffers from a cross-site scripting vulnerability that can be exploited by attackers ...

6.4CVSS5.5AI score0.00634EPSS
Exploits1References3
NCSC
NCSC
added 2021/07/07 12:0 a.m.6 views

Vulnerability fixed in PRTG Network Monitor

A vulnerability has been fixed in PRTG Network Monitor. A malicious party can exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can lead to the execution of arbitrary script code in the browser with which the application is visited. Paessler has released updat...

5.4CVSS6.2AI score0.0059EPSS
Exploits1
CNVD
CNVD
added 2021/07/05 12:0 a.m.8 views

phplist cross-site scripting vulnerability (CNVD-2021-48517)

phpList is an open source newsletter and email marketing software from phpList UK. A stored cross-site scripting vulnerability exists in phplist 3.5.4 and earlier versions, which can be exploited to execute arbitrary Web script or HTML via the "admin" parameter under the "Manage Administrators"...

5.4CVSS6.1AI score0.00528EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/05 12:0 a.m.9 views

CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2021-48500)

CMS Made Simple CMSMS is an open source content management system that provides developers, programmers, and website owners with a web-based version of the development and management interface. A stored cross-site scripting vulnerability exists in CMS Made Simple version 2.2.14, which can be...

5.4CVSS6AI score0.00473EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/05 12:0 a.m.8 views

LavaLite Cross-Site Scripting Vulnerability (CNVD-2021-48515)

Lavalite is an open source content management system developed using the Laravel framework. A stored cross-site scripting vulnerability exists in the /admin/roles/role component of LavaLite version 5.8.0, which can be exploited by an attacker to execute arbitrary Web script or HTML via the ""New"...

5.4CVSS6AI score0.005EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/07/02 12:0 a.m.4 views

PhpList 跨站脚本漏洞

phpList is an open source newsletter and email marketing software from phpList UK. A stored cross-site scripting vulnerability exists in phplist 3.5.4 and earlier versions, which can be exploited by an attacker to execute arbitrary Web script or HTML via the "Campaign" field under the "Send...

5.4CVSS5.6AI score0.00522EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/02 12:0 a.m.10 views

phplist cross-site scripting vulnerability (CNVD-2021-46871)

phpList is an open source newsletter and email marketing software from phpList UK. A stored cross-site scripting vulnerability exists in phplist version 3.5.3. The vulnerability can be exploited to execute arbitrary web script or HTML via the "Send Test" field under the "Start or Continue Campaig...

5.4CVSS6AI score0.00551EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/07/02 12:0 a.m.4 views

phplist 跨站脚本漏洞

PhpList is a suite of open source newsletter and email marketing software from PhpList UK. A cross-site scripting vulnerability exists in the Import Email module in phplist 3.5.4, which can be exploited by an authenticated attacker to execute arbitrary Web script or HTML via a crafted payload...

5.4CVSS5.6AI score0.00512EPSS
Exploits1References1
OSV
OSV
added 2021/07/01 9:15 p.m.15 views

CVE-2020-23207

A stored cross site scripting XSS vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Edit Values" field under the "Configure Attributes" module...

5.4CVSS5.5AI score
Exploits0References1
Prion
Prion
added 2021/07/01 9:15 p.m.18 views

Cross site scripting

A stored cross site scripting XSS vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add a list" field under the "Import Emails" module...

3.5CVSS5.3AI score0.00558EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2021/07/01 9:15 p.m.17 views

Cross site scripting

A stored cross site scripting XSS vulnerability in phplist 3.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Send test" field under the "Start or continue campaign" module...

3.5CVSS5.3AI score0.00551EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/07/01 6:15 a.m.16 views

Cross site scripting

Cross-site scripting vulnerability in IkaIka RSS Reader all versions allows a remote attacker to inject an arbitrary script via unspecified vectors...

4.3CVSS6AI score0.00788EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/07/01 5:45 a.m.21 views

CVE-2021-20752

Cross-site scripting vulnerability in IkaIka RSS Reader all versions allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.2AI score0.00788EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/01 12:0 a.m.4 views

PhpList 跨站脚本漏洞

phpList is an open source newsletter and email marketing software from phpList UK. A stored cross-site scripting vulnerability exists in phplist version 3.5.3. The vulnerability can be exploited to execute arbitrary web script or HTML via the "Add List" field under the "Import Email" module...

5.4CVSS5.5AI score0.00558EPSS
Exploits1References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/06/30 5:32 a.m.3 views

boastMachine vulnerable to cross-site scripting

Overview boastMachine provided by knadh contains a cross-site scripting vulnerability CWE-79. Daiki Fukumori reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the user's...

6.1CVSS6.2AI score0.0449EPSS
Exploits0References5
CNVD
CNVD
added 2021/06/29 12:0 a.m.6 views

Zammad cross-site scripting vulnerability (CNVD-2021-50125)

Zammad is a Web-based open source helpdesk/customer support system. A cross-site scripting vulnerability exists in Zammad. A remote attacker can exploit this vulnerability to execute arbitrary web script or HTML via the "user-avatar" attribute...

6.1CVSS6.3AI score0.00833EPSS
Exploits0References1
OSV
OSV
added 2021/06/28 1:15 a.m.16 views

CVE-2021-20746

Cross-site scripting vulnerability in WordPress Popular Posts 5.3.2 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

5.4CVSS6.2AI score
Exploits0References4
NVD
NVD
added 2021/06/28 1:15 a.m.23 views

CVE-2021-20751

Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 EC-CUBE 4 series allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...

6.1CVSS0.01088EPSS
Exploits0References2
OSV
OSV
added 2021/06/28 1:15 a.m.21 views

CVE-2021-20751

Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 4.0.5-p1 EC-CUBE 4 series allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation...

6.1CVSS6.6AI score
Exploits0References2
Rows per page
Query Builder