WordPress newstatpress plugin cross-site scripting vulnerability (CNVD-2019-30374)

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. newstatpress is a plugin used in it for real-time statistics on blog visits. A cross-site scripting vulnerability exists in the...

WordPress my-wp-translate plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. my-wp-translate is a language translation plugin used in it. A cross-site scripting vulnerability exists in the WordPress...

FUEL CMS Cross-Site Scripting Vulnerability (CNVD-2019-41832)

FUEL CMS is a content management system CMS based on the Codelgniter framework. A cross-site scripting vulnerability exists in the Create Blocks section of the Admin console in FUEL CMS version 1.4.4, which stems from a lack of proper validation of client-side data in the WEB application and can ...

WordPress newstatpress plugin cross-site scripting vulnerability (CNVD-2019-30376)

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. newstatpress is a plugin used in it for real-time statistics on blog visits. A cross-site scripting vulnerability exists in the...

WordPress newstatpress plugin cross-site scripting vulnerability (CNVD-2019-30373)

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. newstatpress is a plugin used in it for real-time statistics on blog visits. A cross-site scripting vulnerability exists in the...

IRS Security Summit Series for Tax Professionals: Create a Data Theft Recovery Plan

The fifth and final step in the Internal Revenue Service IRS Security Summit series for tax professionals is creating a data theft recovery plan. IRS issued a news release highlighting the importance of understanding the risks posed by national and international cybersecurity criminal syndicates,...

WordPress simple-membership plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. simple-membership plugin is a website membership plugin used in it. Cross-site scripting vulnerability exists in WordPress...

Recommender Cross-Site Scripting Vulnerability

Recommender is an information filtering system. The system recommends content to users by predicting their "ratings" or "preferences" for items. A cross-site scripting vulnerability exists in Recommender versions prior to 2018-07-18. The vulnerability stems from a lack of proper validation of...

WordPress Ultimate Member plugin cross-site scripting vulnerability (CNVD-2019-27688)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Ultimate Member plugin is one of the plugins used to create member sites or online communities. A cross-site scripting vulnerability...

PT-2019-3682 · Oracle +7 · Mysql Server +6

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.6.44 and prior MySQL Server versions 5.7.26 and prior MySQL Server versions 8.0.16 and prior Description: The vulnerability in the MySQL Server product is related to the lack of protection of service data in the Client...

Enhancesoft osTicket Cross-Site Scripting Vulnerability (CNVD-2020-16820)

Enhancesoft osTicket is a U.S. Enhancesoft's open source ticketing system. A cross-site scripting vulnerability exists in Enhancesoft osTicket versions prior to 1.10.7 and 1.12.x prior to 1.12.1. The vulnerability stems from a lack of proper validation of client-side data in the WEB application a...

SunHater KCFinder Cross-Site Scripting Vulnerability

SunHater KCFinder is an open source file manager. A cross-site scripting vulnerability exists in SunHater KCFinder. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

EspoCRM Cross-Site Scripting Vulnerability (CNVD-2019-24797)

EspoCRM is an open source web-based customer relationship management CRM system. The system provides features such as sales automation, community and customer support. A cross-site scripting vulnerability exists in EspoCRM versions prior to 5.6.6. The vulnerability stems from the WEB application...

EspoCRM Cross-Site Scripting Vulnerability (CNVD-2019-24800)

EspoCRM is an open source web-based customer relationship management CRM system. The system provides features such as sales automation, community and customer support. A cross-site scripting vulnerability exists in EspoCRM version 5.6.4. The vulnerability stems from the WEB application lacking...

HisiPHP Cross-Site Scripting Vulnerability

HisiPHP is a set of rapid development framework based on ThinkPHP and Layui, which integrates permission management, module management, plugin management and database management. A cross-site scripting vulnerability exists in hisiphp version 1.0.8. The vulnerability stems from the lack of proper...

OTCMS cross-site scripting vulnerability (CNVD-2019-24208)

OTCMS Nettie CMS is an article-based web content management system CMS. A cross-site scripting vulnerability exists in OTCMS version 3.81. The vulnerability stems from the lack of proper validation of client-side data in the WEB application. An attacker can exploit this vulnerability to execute...

Emoncms Cross-Site Scripting Vulnerability (CNVD-2019-22862)

Emoncms is an open source web application. The program is primarily used to process, record and display energy, temperature and other environmental data. A cross-site scripting vulnerability exists in Emoncms version 9.8.8. The vulnerability stems from the WEB application's lack of proper...

InterSystems Cache Cross-Site Scripting Vulnerability

InterSystems Cache is a database management system from InterSystems, Inc. in the United States. The system is primarily used for the development of software applications in healthcare management, banking and financial services, government and other industries. A cross-site scripting vulnerabilit...

Wikindx Cross-Site Scripting Vulnerability

Wikindx is a suite of virtual research environments online bibliography and quote/notes management and article creation system. A cross-site scripting vulnerability exists in the noMenu and noSubMenu in the core/navigation/MENU.php file in WIKINDX versions prior to 5.8.1. The vulnerability stems...

Synology Note Station Cross-Site Scripting Vulnerability (CNVD-2019-20979)

Synology Note Station is a cloud-based note management application from Synology Inc. of Taiwan, China. A cross-site scripting vulnerability exists in SYNO.NoteStation.Shard in Synology Note Station versions prior to 2.5.3-0863. The vulnerability stems from the WEB application lacking proper...