235 matches found
BeyondTrust Remote Support 跨站脚本漏洞
BeyondTrust Remote Support is a remote desktop access, help desk and collaboration software for Windows, Mac, Linux, Ios iPad, iPhone, etc. BeyondTrust Remote Support is vulnerable to cross-site request forgery. The vulnerability stems from the lack of proper validation of client-side data in the...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress BetterLinks suffers from a cross-site scripting vulnerability that stems from a lack of...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Video Lessons Manager, which stems from a...
PHP 跨站脚本漏洞
PHP is a scripting language that executes on the server side. PHP suffers from a security vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute client-side code...
vaadin 跨站脚本漏洞
vaadin vaadin is an open source platform for web application development from Finnish company vaadin. the vaadin platform consists of a set of web components, a Java web framework, and a set of tools and application launchers. the vaadin platform includes a set of web components, a Java web...
Nextcloud 代码问题漏洞
Nextcloud is an open source self-hosted file synchronization and sharing communication application platform from Nextcloud Germany. nextcloud Contacts application prior to version 4.0.3 suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side...
Csdn App 跨站脚本漏洞
Csdn App is an It community software for cell phones from CN Beijing Innovative Lezhi Network Technology Csdn. Csdn APP suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client data by the WEB application. An attacker can exploit this vulnerability...
Alfresco 跨站脚本漏洞
Alfresco is an open source enterprise content management system. The platform page using Freemarker development , the main features include document management , collaboration , records management , knowledge base management , Web content management and so on. Alfresco has a security vulnerabilit...
Memory corruption
Possible memory corruption due to lack of validation of client data used for memory allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...
ProjectSend 跨站脚本漏洞
Projectsend formerly known as cFTP is a suite of self-hosted applications based on PHP and MySQL. Projectsend suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to...
WordPress 插件 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . The WordPress Better Find and Replace plugin suffers from...
XssHunter-Express 授权问题漏洞
XssHunter-Express is used to test and find blind XSS. XssHunter-Express suffers from an Authorization Problem vulnerability that stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...
Beego 跨站脚本漏洞
Beego is an open source web framework based on the Go language. Beego 2.0.1 suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...
IBM Financial Transaction Manager 跨站脚本漏洞
IBM Financial Transaction Manager is a financial transaction manager from IBM Corporation. A cross-site scripting vulnerability exists in IBM Financial Transaction Manager, which stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the...
Six Apart Movable Type 跨站脚本漏洞
Six Apart Movable Type is an application of Six Apart, Inc. A cross-site scripting vulnerability exists in Six Apart Movable Type, which stems from the lack of proper validation of client-side data in the WEB application. An attacker could use this vulnerability to inject arbitrary script or HTML...
Six Apart Movable Type 跨站脚本漏洞
Six Apart Movable Type MT is a blogging system from Six Apart, a US-based company. A cross-site scripting vulnerability exists in Six Apart Movable Type, which stems from the lack of proper validation of client-side data in the WEB application and can be exploited to inject arbitrary script or HT...
xArrow SCADA 跨站脚本漏洞
xArrow SCADA is an installer for industrial control products from xArrow in China. A cross-site scripting vulnerability exists in xArrow SCADA. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execut...
EDX Open edX 跨站脚本漏洞
EDX Open edX is an online learning management system from the U.S.-based edX EDX. Open edX suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side co...
Pixelimity 跨站脚本漏洞
Pixelimity is a PHP-based open source CMS Content Management System. Pixelimity 1.0 suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit this vulnerability to execute client-side code...
GetSimple CMS 跨站请求伪造漏洞
GetSimple CMS is a content management system CMS written in PHP. A security vulnerability exists in the My SMTP Contact v1.1.1 plugin for GetSimple CMS, which stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit the vulnerability to execute...