7613 matches found
CVE-2021-20723
Reflected cross-site scripting vulnerability in MailForm01 free edition versions which the last updated date listed at the top of descriptions in the program file is from 2014 December 12 to 2018 July 27 allows a remote attacker to inject an arbitrary script via unspecified vectors...
Cross site scripting
Reflected cross-site scripting vulnerability in the admin page of Calendar01 free edition ver1.0.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...
Cross site scripting
Reflected cross-site scripting vulnerability in MailForm01 free edition versions which the last updated date listed at the top of descriptions in the program file is from 2014 December 12 to 2018 July 27 allows a remote attacker to inject an arbitrary script via unspecified vectors...
Cross site scripting
Reflected cross-site scripting vulnerability in the admin page of Telop01 free edition ver1.0.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...
CVE-2021-20725
Reflected cross-site scripting vulnerability in the admin page of Calendar01 free edition ver1.0.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...
Shopizer 2.16.0 Cross Site Scripting
Exploit Title: Shopizer alert1 and save it 4. Open "Customers" - XSS payload will trigger Reflected XSS - 'ref' parameter Description: A reflected cross-site scripting XSS vulnerability in Shopizer before version 2.17.0 allows remote attackers to inject arbitrary web script or HTML via the 'ref'...
JVN#53910556: Multiple cross-site scripting vulnerabilities in multiple PHP Factory products
Multiple products provided by PHP Factory contain multiple cross-site scripting vulnerabilities listed below. Reflected cross-site scripting vulnerability CWE-79 - CVE-2021-20723 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 4.7 CVSS v2|...
Cisco Firepower Management Center Multiple Stored XSS (cisco-sa-fmc-stored-xss-djKfCzf2)
The version of Cisco Firepower Management Center installed on the remote host is prior to 6.7.0. It is, therefore, affected by multiple vulnerabilities as referenced in the cisco-sa-fmc-stored-xss-djKfCzf2 advisory. Specifically, multiple vulnerabilities in the web-based management interface of...
CVE-2021-25929
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since...
Cross site scripting
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since...
CVE-2021-25929
In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting since...
Cisco Web Security Appliance XSS (cisco-sa-wsa-xss-mVjOWchB)
According to its self-reported version, Cisco Web Security Appliance is affected by a cross-site scripting XSS vulnerability due to improper validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit, by convincing a user to click a specially...
Cisco Unity Connection XSS (cisco-sa-cucm-xss-Q4PZcNzJ)
The Cisco Unity Connection installed on the remote host is prior to version 14. It is, therefore, affected by multiple cross-site Scripting vulnerabilities. Multiple vulnerabilities in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to...
Cisco Unified Communications Manager IM & Presence Service XSS (cisco-sa-cucm-xss-Q4PZcNzJ)
The version of Cisco Unified Communications Manager IM & Presence Service installed on the remote host is prior to version 14. It is, therefore, affected by a cross-site scripting vulnerability. A vulnerability in the web-based management interface of Cisco Unified CM IM&P,could allow an...
Cisco Unified Communications Manager XSS (cisco-sa-cucm-xss-Q4PZcNzJ)
The version of cisco unified communications manager installed on the remote host is prior to version 14. It is, therefore, affected by multiple cross-site scripting vulnerabilities. Multiple vulnerabilities in the web-based management interface of Cisco Unified CM, could allow an unauthenticated,...
Adobe Experience Manager 6.3.0.0 < 6.4.8.4 / 6.5.0.0 < 6.5.8.0 Multiple Vulnerabilities (APSB21-15)
The version of Adobe Experience Manager installed on the remote host is prior to 6.4.8.4, 6.5.8.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB21-15 advisory. - AEM's Cloud Service offering, as well as versions 6.5.7.0 and below, 6.4.8.3 and below and 6.3.3.8 a...
CVE-2021-20717
Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser...
Cross site scripting
Cross-site scripting vulnerability in EC-CUBE 4.0.0 to 4.0.5 allows a remote attacker to inject a specially crafted script in the specific input field of the EC web site which is created using EC-CUBE. As a result, it may lead to an arbitrary script execution on the administrator's web browser...
Cisco Firepower Management Center Software Multiple XSS (cisco-sa-fmc-xss-yT8LNSeA)
The version of Cisco Firepower Management Center FMC installed on the remote host is affected by multiple cross-site scripting XSS vulnerabilities due to insufficient validation of user-supplied input before returning it to users. An unauthenticated, remote attacker can exploit this, by convincin...
Reflected cross-site scripting in francoisjacquet/rosariosis
Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System 6.5.1 allows remote attackers to execute arbitrary web script via embedding javascript or HTML tags in a GET request...