Lucene search
K

7613 matches found

NVD
NVD
added 2021/05/24 4:15 a.m.13 views

CVE-2021-20723

Reflected cross-site scripting vulnerability in MailForm01 free edition versions which the last updated date listed at the top of descriptions in the program file is from 2014 December 12 to 2018 July 27 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.00777EPSS
Exploits0References2
Prion
Prion
added 2021/05/24 4:15 a.m.14 views

Cross site scripting

Reflected cross-site scripting vulnerability in the admin page of Calendar01 free edition ver1.0.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

4.3CVSS5.9AI score0.00777EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/05/24 4:15 a.m.19 views

Cross site scripting

Reflected cross-site scripting vulnerability in MailForm01 free edition versions which the last updated date listed at the top of descriptions in the program file is from 2014 December 12 to 2018 July 27 allows a remote attacker to inject an arbitrary script via unspecified vectors...

4.3CVSS5.9AI score0.00777EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/05/24 4:15 a.m.9 views

Cross site scripting

Reflected cross-site scripting vulnerability in the admin page of Telop01 free edition ver1.0.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

4.3CVSS5.9AI score0.00773EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/05/24 3:20 a.m.13 views

CVE-2021-20725

Reflected cross-site scripting vulnerability in the admin page of Calendar01 free edition ver1.0.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.2AI score0.00777EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2021/05/24 12:0 a.m.145 views

Shopizer 2.16.0 Cross Site Scripting

Exploit Title: Shopizer alert1 and save it 4. Open "Customers" - XSS payload will trigger Reflected XSS - 'ref' parameter Description: A reflected cross-site scripting XSS vulnerability in Shopizer before version 2.17.0 allows remote attackers to inject arbitrary web script or HTML via the 'ref'...

Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/05/21 12:0 a.m.75 views

JVN#53910556: Multiple cross-site scripting vulnerabilities in multiple PHP Factory products

Multiple products provided by PHP Factory contain multiple cross-site scripting vulnerabilities listed below. Reflected cross-site scripting vulnerability CWE-79 - CVE-2021-20723 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 4.7 CVSS v2|...

6.1CVSS6.6AI score0.00777EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/05/21 12:0 a.m.35 views

Cisco Firepower Management Center Multiple Stored XSS (cisco-sa-fmc-stored-xss-djKfCzf2)

The version of Cisco Firepower Management Center installed on the remote host is prior to 6.7.0. It is, therefore, affected by multiple vulnerabilities as referenced in the cisco-sa-fmc-stored-xss-djKfCzf2 advisory. Specifically, multiple vulnerabilities in the web-based management interface of...

4.8CVSS5.6AI score0.00615EPSS
Exploits0References5
NVD
NVD
added 2021/05/20 3:15 p.m.15 views

CVE-2021-25929

In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since...

4.8CVSS0.0102EPSS
Exploits1References3
Prion
Prion
added 2021/05/20 3:15 p.m.19 views

Cross site scripting

In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since...

3.5CVSS4.7AI score0.0102EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2021/05/20 2:9 p.m.26 views

CVE-2021-25929

In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since...

5AI score0.0102EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/05/13 12:0 a.m.30 views

Cisco Web Security Appliance XSS (cisco-sa-wsa-xss-mVjOWchB)

According to its self-reported version, Cisco Web Security Appliance is affected by a cross-site scripting XSS vulnerability due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit, by convincing a user to click a specially...

6.1CVSS6.4AI score0.00704EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/05/13 12:0 a.m.96 views

Cisco Unity Connection XSS (cisco-sa-cucm-xss-Q4PZcNzJ)

The Cisco Unity Connection installed on the remote host is prior to version 14. It is, therefore, affected by multiple cross-site Scripting vulnerabilities. Multiple vulnerabilities in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to...

6.1CVSS6.6AI score0.00823EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2021/05/13 12:0 a.m.96 views

Cisco Unified Communications Manager IM & Presence Service XSS (cisco-sa-cucm-xss-Q4PZcNzJ)

The version of Cisco Unified Communications Manager IM & Presence Service installed on the remote host is prior to version 14. It is, therefore, affected by a cross-site scripting vulnerability. A vulnerability in the web-based management interface of Cisco Unified CM IM&P,could allow an...

6.1CVSS6.3AI score0.00823EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/05/13 12:0 a.m.100 views

Cisco Unified Communications Manager XSS (cisco-sa-cucm-xss-Q4PZcNzJ)

The version of cisco unified communications manager installed on the remote host is prior to version 14. It is, therefore, affected by multiple cross-site scripting vulnerabilities. Multiple vulnerabilities in the web-based management interface of Cisco Unified CM, could allow an unauthenticated,...

6.1CVSS6.3AI score0.00823EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2021/05/12 12:0 a.m.52 views

Adobe Experience Manager 6.3.0.0 < 6.4.8.4 / 6.5.0.0 < 6.5.8.0 Multiple Vulnerabilities (APSB21-15)

The version of Adobe Experience Manager installed on the remote host is prior to 6.4.8.4, 6.5.8.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB21-15 advisory. - AEM's Cloud Service offering, as well as versions 6.5.7.0 and below, 6.4.8.3 and below and 6.3.3.8 a...

7.5CVSS6.7AI score0.0198EPSS
Exploits0References3
OSV
OSV
added 2021/05/10 10:15 a.m.21 views

CVE-2021-20717

Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser...

6.1CVSS6.6AI score
Exploits0References3
Prion
Prion
added 2021/05/10 10:15 a.m.21 views

Cross site scripting

Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser...

4.3CVSS6.2AI score0.02308EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/05/07 12:0 a.m.25 views

Cisco Firepower Management Center Software Multiple XSS (cisco-sa-fmc-xss-yT8LNSeA)

The version of Cisco Firepower Management Center FMC installed on the remote host is affected by multiple cross-site scripting XSS vulnerabilities due to insufficient validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincin...

4.8CVSS5.4AI score0.00616EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2021/05/06 6:54 p.m.69 views

Reflected cross-site scripting in francoisjacquet/rosariosis

Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System 6.5.1 allows remote attackers to execute arbitrary web script via embedding javascript or HTML tags in a GET request...

6.1CVSS5.6AI score0.0143EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder