Lucene search
+L

235 matches found

cnnvd
cnnvd
added 2022/01/03 12:0 a.m.5 views

BeyondTrust Remote Support 跨站脚本漏洞

BeyondTrust Remote Support is a remote desktop access, help desk and collaboration software for Windows, Mac, Linux, Ios iPad, iPhone, etc. BeyondTrust Remote Support is vulnerable to cross-site request forgery. The vulnerability stems from the lack of proper validation of client-side data in the...

6.1CVSS5.6AI score0.28207EPSS
Exploits3References5
cnnvd
cnnvd
added 2021/11/23 12:0 a.m.5 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress BetterLinks suffers from a cross-site scripting vulnerability that stems from a lack of...

5.4CVSS5.6AI score0.00604EPSS
Exploits2References2
cnnvd
cnnvd
added 2021/11/23 12:0 a.m.4 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Video Lessons Manager, which stems from a...

4.8CVSS5.1AI score0.00598EPSS
Exploits2References2
cnnvd
cnnvd
added 2021/11/08 12:0 a.m.5 views

PHP 跨站脚本漏洞

PHP is a scripting language that executes on the server side. PHP suffers from a security vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute client-side code...

5.4CVSS5.9AI score0.01635EPSS
Exploits4References5
cnnvd
cnnvd
added 2021/11/02 12:0 a.m.5 views

vaadin 跨站脚本漏洞

vaadin vaadin is an open source platform for web application development from Finnish company vaadin. the vaadin platform consists of a set of web components, a Java web framework, and a set of tools and application launchers. the vaadin platform includes a set of web components, a Java web...

6.1CVSS6.1AI score0.00955EPSS
Exploits1References3
cnnvd
cnnvd
added 2021/10/25 12:0 a.m.5 views

Nextcloud 代码问题漏洞

Nextcloud is an open source self-hosted file synchronization and sharing communication application platform from Nextcloud Germany. nextcloud Contacts application prior to version 4.0.3 suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side...

6.4CVSS5.6AI score0.00504EPSS
Exploits0References4
cnnvd
cnnvd
added 2021/10/22 12:0 a.m.7 views

Csdn App 跨站脚本漏洞

Csdn App is an It community software for cell phones from CN Beijing Innovative Lezhi Network Technology Csdn. Csdn APP suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client data by the WEB application. An attacker can exploit this vulnerability...

6.1CVSS6.1AI score0.00606EPSS
Exploits0References3
cnnvd
cnnvd
added 2021/10/21 12:0 a.m.5 views

Alfresco 跨站脚本漏洞

Alfresco is an open source enterprise content management system. The platform page using Freemarker development , the main features include document management , collaboration , records management , knowledge base management , Web content management and so on. Alfresco has a security vulnerabilit...

5.4CVSS5.8AI score0.00534EPSS
Exploits0References3
prion
prion
added 2021/10/20 7:15 a.m.17 views

Memory corruption

Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...

7.2CVSS7.5AI score0.00154EPSS
Exploits0References1
cnnvd
cnnvd
added 2021/10/11 12:0 a.m.3 views

ProjectSend 跨站脚本漏洞

Projectsend formerly known as cFTP is a suite of self-hosted applications based on PHP and MySQL. Projectsend suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to...

5.4CVSS5.7AI score0.00624EPSS
Exploits1References3
cnnvd
cnnvd
added 2021/10/04 12:0 a.m.7 views

WordPress 插件 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . The WordPress Better Find and Replace plugin suffers from...

6.1CVSS5.4AI score0.008EPSS
Exploits2References2
cnnvd
cnnvd
added 2021/09/17 12:0 a.m.6 views

XssHunter-Express 授权问题漏洞

XssHunter-Express is used to test and find blind XSS. XssHunter-Express suffers from an Authorization Problem vulnerability that stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

9.8CVSS8.4AI score0.01762EPSS
Exploits0References4
cnnvd
cnnvd
added 2021/09/14 12:0 a.m.7 views

Beego 跨站脚本漏洞

Beego is an open source web framework based on the Go language. Beego 2.0.1 suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

6.1CVSS6.1AI score0.00795EPSS
Exploits1References3
cnnvd
cnnvd
added 2021/09/13 12:0 a.m.5 views

IBM Financial Transaction Manager 跨站脚本漏洞

IBM Financial Transaction Manager is a financial transaction manager from IBM Corporation. A cross-site scripting vulnerability exists in IBM Financial Transaction Manager, which stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the...

5.4CVSS5.3AI score0.00495EPSS
Exploits0References3
cnnvd
cnnvd
added 2021/08/25 12:0 a.m.6 views

Six Apart Movable Type 跨站脚本漏洞

Six Apart Movable Type is an application of Six Apart, Inc. A cross-site scripting vulnerability exists in Six Apart Movable Type, which stems from the lack of proper validation of client-side data in the WEB application. An attacker could use this vulnerability to inject arbitrary script or HTML...

6.1CVSS5.4AI score0.009EPSS
Exploits0References3
cnnvd
cnnvd
added 2021/08/25 12:0 a.m.5 views

Six Apart Movable Type 跨站脚本漏洞

Six Apart Movable Type MT is a blogging system from Six Apart, a US-based company. A cross-site scripting vulnerability exists in Six Apart Movable Type, which stems from the lack of proper validation of client-side data in the WEB application and can be exploited to inject arbitrary script or HT...

6.1CVSS5.4AI score0.009EPSS
Exploits0References4
cnnvd
cnnvd
added 2021/08/17 12:0 a.m.6 views

xArrow SCADA 跨站脚本漏洞

xArrow SCADA is an installer for industrial control products from xArrow in China. A cross-site scripting vulnerability exists in xArrow SCADA. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execut...

6.1CVSS6.1AI score0.00752EPSS
Exploits0References4
cnnvd
cnnvd
added 2021/08/17 12:0 a.m.6 views

EDX Open edX 跨站脚本漏洞

EDX Open edX is an online learning management system from the U.S.-based edX EDX. Open edX suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side co...

6.1CVSS6.1AI score0.00624EPSS
Exploits0References1
cnnvd
cnnvd
added 2021/08/17 12:0 a.m.4 views

Pixelimity 跨站脚本漏洞

Pixelimity is a PHP-based open source CMS Content Management System. Pixelimity 1.0 suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit this vulnerability to execute client-side code...

4.8CVSS5.1AI score0.0051EPSS
Exploits1References2
cnnvd
cnnvd
added 2021/08/10 12:0 a.m.3 views

GetSimple CMS 跨站请求伪造漏洞

GetSimple CMS is a content management system CMS written in PHP. A security vulnerability exists in the My SMTP Contact v1.1.1 plugin for GetSimple CMS, which stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit the vulnerability to execute...

6.5CVSS6.7AI score0.00557EPSS
Exploits1References1
Rows per page
Query Builder