Nagios XI Cross-Site Scripting Vulnerability (CNVD-2021-09294)

Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting and rich data visualization. A cross-site scripting vulnerability exists in Nagios XI 5.8.0 in the Favorites component prior to version 1.0.2. An attacker could...

Cross-Site Scripting Vulnerability in Multiple NEC Aterm Products

The NEC Aterm WG2600HP and others are a wireless router from NEC Corporation of Japan. A cross-site scripting vulnerability exists in multiple Aterm products, which stems from a lack of proper validation of client-side data by the WEB application. The vulnerability can be exploited by an attacker...

OpenCATS Cross-Site Scripting Vulnerability (CNVD-2021-09918)

OpenCATS is a free open source candidate/applicant tracking system designed to allow recruiters to manage the hiring process from job posting and candidate application to candidate selection and submission. A cross-site scripting vulnerability exists in OpenCATS 0.9.5-3 and earlier versions. An...

OpenCats 跨站脚本漏洞

OpenCATS is a free open source candidate/applicant tracking system designed to allow recruiters to manage the hiring process from job posting and candidate application to candidate selection and submission. A cross-site scripting vulnerability exists in OpenCATS 0.9.5-3 and earlier versions. An...

Wordpress Hashtagger Plugin Cross-Site Scripting Vulnerability

WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. A cross-site scripting vulnerability exists in the Wordpress Hashtagger plugin that stems...

WordPress plugin Custom Global Variables 'name' cross-site scripting vulnerability

WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. A cross-site scripting vulnerability exists in the WordPress plugin Custom Global Variables...

Open-Xchange OX App Suite Cross-Site Scripting Vulnerability

Open-Xchange OX App Suite is an email client software from the German company Open-Xchange. A cross-site scripting vulnerability exists in OX App Suite version 7.10.4 and prior versions, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can explo...

Sourcecodester Alumni Management System Cross-Site Scripting Vulnerability

Sourcecodester Alumni Management System is an alumni management system. Sourcecodester Alumni Management System suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in the web application, which can be exploited by an attacker to...

Seotoaster 3.2.0 Cross Site Scripting

Exploit Title: Seotoaster 3.2.0 - Stored XSS on Edit page properties Exploit Author: Hardik Solanki Vendor Homepage: https://www.seotoaster.com/ Software Link: https://crm-marketing-automation-platforms.seotoaster.com/ Version: 3.2.0 Tested on Windows 10 XSS ATTACK: Cross-site Scripting XSS is a...

SourceCodester Online Examination System Cross-Site Scripting Vulnerability (CNVD-2021-95923)

SourceCodester Online Examination System is an online examination system from SourceCodester, Inc. A cross-site scripting vulnerability exists in SourceCodester Online Examination System 1.0, which stems from a WEB application's lack of proper validation of The vulnerability is caused by the lack...

QNAP Systems TS-870 Cross-Site Scripting Vulnerability

QNAP Systems TS-870 is a NAS Network Attached Storage appliance from China Weilian QNAP Systems. A cross-site scripting vulnerability exists in the File Name of Music Station in the QNAP Systems TS-870 using firmware version 4.3.4.0486. The vulnerability stems from a lack of proper validation of...

QNAP Systems TS-870 Cross-Site Scripting Vulnerability

QNAP Systems TS-870 is a NAS Network Attached Storage appliance from China Weilian QNAP Systems. A cross-site scripting vulnerability exists in PhotoStation Filenames in the QNAP Systems TS-870 using firmware version 4.3.4.0486. The vulnerability stems from a lack of proper validation of client...

CloudBees Jenkins Radiator View Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...

Webmin Cross-Site Scripting Vulnerability (CNVD-2020-57826)

Webmin is a set of Web-based system management tools for Unix-like operating systems. A cross-site scripting vulnerability exists in Webmin. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to execute...

GitLab Cross-Site Scripting Vulnerability (CNVD-2021-26076)

GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects. A cross-site scripting vulnerability exists in the SVG file preview in GitLab, which can be exploit...

Pagure Input Validation Error Vulnerability

Pagure is a Git repository written in Python to provide Web services. A cross-site scripting vulnerability exists in Pagure versions prior to 5.6, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute...

SAP NetWeaver AS ABAP Business Server Cross-Site Scripting Vulnerability (CNVD-2020-52936)

SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. A cross-site scripting vulnerability exists in SAP NetWeaver AS ABAP Business Server Pages. The vulnerability stems from a lack of proper validation of client-side...

SolarWinds Orion Platform Cross-Site Scripting Vulnerability (CNVD-2020-52937)

SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. A...

CloudBees Jenkins Description Column Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...

CloudBees Jenkins chosen-views-tabbar Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...