Alfresco Cross-Site Scripting Vulnerability (CNVD-2021-83570)

Alfresco is an open source enterprise content management system. The platform page using Freemarker development , the main features include document management , collaboration , records management , knowledge base management , Web content management and so on. Alfresco has a security vulnerabilit...

Snipe-IT Cross-Site Scripting Vulnerability (CNVD-2022-19845)

Snipe-IT is an open source IT asset/license management system. snipe-IT has a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to execute client-side code...

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports personal blog sites on servers running PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Ivory Search, which stems from the lack ...

Trane Tracer SC 跨站脚本漏洞

Trane Tracer SC is an intelligent field panel from Trane Australia that communicates with unit controllers LON or BACnet to provide independent control of HVAC equipment. A cross-site scripting vulnerability exists in Trane Tracer SC. The vulnerability stems from a lack of proper validation of...

myfactory.FMS 跨站脚本漏洞

myfactory.FMS is a transaction management system. A cross-site scripting vulnerability exists in Myfactory.FMS that stems from the product's Error parameter failing to properly validate user input data. The vulnerability can be exploited to execute client-side code. The following products and...

Adobe Campaign Classic 跨站脚本漏洞

Adobe Campaign Classic ACC is a suite of cross-channel customer experience marketing platforms from the American company Audobee Adobe. The platform features real-time interaction management, Adobe Experience Cloud integration, data management and integration. A cross-site scripting vulnerability...

JEECMS Cross-Site Scripting Vulnerability (CNVD-2021-88950)

Jeecms is China's Jinlei Technology Development Jeecms company's set of content management system CMS developed using the Java language. A cross-site scripting vulnerability exists in JEECMS, which originates from the product's /member-vipcenter.htm page that does not validate user input data. An...

Tad Uploader Cross-Site Scripting Vulnerability

Tad Uploader is a file upload management module by the individual developer of Tad in Taiwan, China. A cross-site scripting vulnerability exists in Tad Uploader, which stems from the failure of the add subject of the book list function in the product to properly filter certain special characters...

WordPress plugin CM Tooltip Glossary cross-site scripting vulnerability

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.A cross-site scripting vulnerability exists in the WordPress plugin CM Tooltip Glossary, which stems fro...

WordPress Appointment Hour Booking plugin cross-site scripting vulnerability (CNVD-2022-01701)

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . The WordPress Appointment Hour Booking plugin suffers fro...

WordPress Better Find and Replace plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . The WordPress Better Find and Replace plugin suffers from...

Xiuno BBS Cross-Site Scripting Vulnerability

Xiuno BBS is an open source forum program based on PHP and MySQL. Xiuno BBS suffers from a cross-site scripting vulnerability that originates from the failure of the product/admin/?setting-base.htm page to properly handle data in the sitebrief field. An attacker can exploit this vulnerability to...

Xiuno BBS Cross-Site Scripting Vulnerability (CNVD-2021-85273)

Xiuno BBS is an open source forum program based on PHP and MySQL. Xiuno BBS suffers from a cross-site scripting vulnerability that originates from the failure of the product/admin/?setting-base.htm page to properly handle data in the sitename field. An attacker can execute client-side code via th...

Booking Core Cross-Site Scripting Vulnerability

Booking Core is a Laravel-based booking system designed as an application for travel websites, shopping malls, travel agencies, tour operators, bed and breakfasts, villa rentals, resort rentals, and Make Travel websites. A cross-site scripting vulnerability exists in Booking Core. The vulnerabili...

WordPress plugin User Registration cross-site scripting vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers.The WordPress plugin User Registration has a cross-site scripting vulnerability that stems from the lack of proper validation ...

Maccms Cross-Site Scripting Vulnerability (CNVD-2021-88955)

Maccms is a PHP-based content management system CMS for film and television. A cross-site scripting vulnerability exists in Mccms10, which stems from the fact that the nickname in the editing function under the Member module of the product fails to properly validate user input data. An attacker c...

WordPress WooCommerce plugin cross-site scripting vulnerability (CNVD-2021-100249)

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . The WordPress WooCommerce plugin suffers from a cross-sit...

Bosch Rexroth IndraMotion Mlc Cross-Site Scripting Vulnerability

The Bosch Rexroth IndraMotion Mlc is a new device that combines motion and logic control, as well as robot control.A cross-site scripting vulnerability exists in the Bosch Rexroth IndraMotion Mlc, which stems from the lack of proper validation of client-side data by the WEB application. An attack...

Jeecms 跨站脚本漏洞

Jeecms is China's Jinlei Technology Development Jeecms company's set of content management system CMS developed using the Java language. A cross-site scripting vulnerability exists in JEECMS, which originates from the product's /member-vipcenter.htm page that does not validate user input data. An...

WordPress 插件 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . The WordPress WooCommerce plugin suffers from a cross-sit...