Lucene search
+L

235 matches found

CNVD
CNVD
added 2019/06/28 12:0 a.m.4 views

Magento cross-site scripting vulnerability (CNVD-2019-26217)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engine and payment gateway and other functions. A cross-site scripting vulnerability exists in Magento Open Source, Magento Commerce and Magento. The vulnerability...

5.4CVSS6.4AI score0.00566EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/19 12:0 a.m.5 views

Fortinet FortiWeb Cross-Site Scripting Vulnerability (CNVD-2019-18595)

Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...

6.1CVSS6.7AI score0.00965EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/19 12:0 a.m.5 views

Apache Allura Cross-Site Scripting Vulnerability

Apache Allura is the United States Apache Apache Software Foundation's set of open source project hosting platform. The platform supports the management of source code repositories, bug reports, wiki pages and blogs. A cross-site scripting vulnerability exists in the user drop-down selector in...

6.1CVSS6.5AI score0.0514EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/14 12:0 a.m.6 views

IBM Connections Cross-Site Scripting Vulnerability (CNVD-2019-19316)

IBM Connections is a suite of social software platforms from IBM USA. The platform provides advanced analytics and real-time data monitoring capabilities and can accelerate web collaboration within and outside the organization through IBMSmartCloud services. A cross-site scripting vulnerability...

5.4CVSS6.3AI score0.00673EPSS
Exploits0References1
OSV
OSV
added 2019/06/11 8:29 p.m.7 views

CVE-2019-3413

All versions up to V20.18.40.R7.B1of ZTE NetNumen DAP product have an XSS vulnerability. Due to the lack of correct validation of client data in WEB applications, which results in users being hijacked...

5.4CVSS5.7AI score0.00636EPSS
Exploits0References1
CNVD
CNVD
added 2019/06/10 12:0 a.m.3 views

Ruby Chartkick gem cross-site scripting vulnerability

Ruby Chartkick gem is a Ruby-based package for creating Javascript charts. A cross-site scripting vulnerability exists in Ruby Chartkick gem version 3.1.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this...

4.7CVSS6.4AI score0.00772EPSS
Exploits1References1
CNVD
CNVD
added 2019/06/05 12:0 a.m.4 views

Carel pCOWeb Cross-Site Scripting Vulnerability

Carel pCOWeb is a programmable control card. A cross-site scripting vulnerability exists in Carel pCOWeb versions prior to B1.2.4. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute client-side...

5.4CVSS6.4AI score0.03977EPSS
Exploits1References1
CNVD
CNVD
added 2019/05/24 12:0 a.m.5 views

IBM Cognos Analytics Cross-Site Scripting Vulnerability (CNVD-2019-25041)

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A cross-site scripting...

5.4CVSS6.3AI score0.00996EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/23 12:0 a.m.6 views

Open-Xchange OX App Suite Cross-Site Scripting Vulnerability (CNVD-2019-16167)

Open-Xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. A cross-site scripting vulnerability exists in Open-Xchange OX App Suite 7.8.4 and earlier versions. The vulnerabili...

5.4CVSS6.3AI score0.00536EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/23 12:0 a.m.7 views

Open-Xchange GmbH OX App Suite Cross-Site Scripting Vulnerability

Open-Xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. A cross-site scripting vulnerability exists in Open-Xchange OX App Suite. The vulnerability stems from a lack of...

6.1CVSS6.3AI score0.00862EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/17 12:0 a.m.7 views

Microsoft Team Foundation Server and Microsoft Azure DevOps Server Cross-Site Scripting Vulnerability

Microsoft Team Foundation Server and Microsoft Azure DevOps Server are both products of Microsoft Corporation, U.S.A. Microsoft Team Foundation Server is a suite of Application Lifecycle Management ALM tools Microsoft Team Foundation Server is an application lifecycle management ALM suite of tool...

5.4CVSS6.4AI score0.01697EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/04 12:0 a.m.3 views

buttle npm package cross-site scripting vulnerability

buttle npm package is a static file server. A cross-site scripting vulnerability exists in version 0.2.0 of the buttle npm package, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

6.1CVSS6.4AI score0.01172EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/02 12:0 a.m.4 views

OverIT Geocall Cross-Site Scripting Vulnerability

OverIT Geocall is a field service management solution from OverIT Italy. A cross-site scripting vulnerability exists in version 6.3 prior to OverIT Geocall build 2:346977, which stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit the...

6.1CVSS6.3AI score0.00901EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/01 12:0 a.m.5 views

Palo Alto Networks Expedition Migration Tool Cross-Site Scripting Vulnerability (CNVD-2019-14250)

Palo Alto Networks Expedition Migration Tool is a security policy configuration migration tool from Palo Alto Networks, USA. A cross-site scripting vulnerability exists in Palo Alto Networks Expedition Migration Tool version 1.1.8 and prior versions, which stems from a lack of proper validation o...

4.8CVSS6.3AI score0.01063EPSS
Exploits1References1
CNVD
CNVD
added 2019/02/02 12:0 a.m.6 views

M-Server Cross-Site Scripting Vulnerability

M-Server is a small http static server . M-Server suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

5.4CVSS6.4AI score0.00606EPSS
Exploits1References1
Rows per page
Query Builder