WordPress Laborator Neon theme cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Laborator Neon theme is used in one of the back-end website management theme plugin. A cross-site scripting vulnerability exists in...

ZenPhoto cross-site scripting vulnerability (CNVD-2020-03822)

ZenPhoto is a free content management system for photo libraries. The system manages images and supports multimedia such as audio and video. A cross-site scripting vulnerability exists in the 'sanitizestring' function in versions of Zenphoto prior to 1.4.9, which stems from a lack of proper...

WordPress ListingPro theme cross-site scripting vulnerability (CNVD-2020-01194)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.ListingPro theme is a directory website theme plugin used in it. A cross-site scripting vulnerability exists in WordPress...

WordPress ListingPro theme cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.ListingPro theme is a directory website theme plugin used in it. A cross-site scripting vulnerability exists in WordPress...

WSO2 Identity Server Cross-Site Scripting Vulnerability (CNVD-2020-02585)

WSO2 Identity Server IS is an identity server from the American company WSO2. A cross-site scripting vulnerability exists in WSO2 IS version 5.7.0. The vulnerability stems from the lack of proper validation of client data by the WEB application. An attacker can exploit the vulnerability to execut...

Red Hat Keycloak Cross-Site Scripting Vulnerability (CNVD-2020-01944)

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. A cross-site scripting vulnerability exists in the login-status-iframe.html page in Red Hat Keycloak, which stems from a lack of proper...

phpMyChat-Plus Cross-Site Scripting Vulnerability

phpMyChat-Plus is a chat room system based on PHP and MySQL. A cross-site scripting vulnerability exists in phpMyChat-Plus version 1.98. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute...

D-Link DIR-615 Cross-Site Scripting Vulnerability (CNVD-2020-02707)

The D-Link DIR-615 is a wireless router from AUO D-Link of Taiwan, China. A cross-site scripting vulnerability exists in the user account configuration page in the D-Link DIR-615. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker can explo...

HCL Technologies AppScan Source Cross-Site Scripting Vulnerability

HCL Technologies AppScan Source is a static application security testing solution from HCL Technologies India. A cross-site scripting vulnerability exists in HCL Technologies AppScan Source. The vulnerability stems from the lack of proper validation of client-side data by the WEB application. An...

Backdrop CMS Cross-Site Scripting Vulnerability (CNVD-2020-03709)

Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS version 1.13.x before 1.13.5 and version 1.14.x before 1.14.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker...

Intesync Solismed Cross-Site Scripting Vulnerability

Intesync Solismed is a clinic management system designed for use by independent and free clinics. A cross-site scripting vulnerability exists in Intesync Solismed. An attacker can exploit this vulnerability to execute client-side code...

statusnet cross-site scripting vulnerability (CNVD-2020-04299)

statusnet is an open source micro-blogging program written in PHP. A cross-site scripting vulnerability exists in versions of statusnet prior to 0.9.9. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to...

Avaya IP Office Application Server WebUI Component Cross-Site Scripting Vulnerability

Avaya IP Office Application Server is an application server from the American company Avaya. A cross-site scripting vulnerability exists in the WebUI component of IP Office Application Server version 11.x. The vulnerability stems from a lack of proper validation of client-side data in the WEB...

DAViCal CalDAV Server Cross-Site Scripting Vulnerability

DAViCal is a calendar sharing server that is an implementation of the CalDAV protocol. A cross-site scripting vulnerability exists in DAViCal CalDAV Server version 1.1.8 and earlier. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker can...

WordPress Scoutnet Kalender Cross-Site Scripting Vulnerability

WordPress is a blogging platform from the WordPress Foundation developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.Scoutnet Kalender is one of the calendar plugins. A cross-site scripting vulnerability exists in version 1.1.0 of the WordPre...

AntiDisposmail - Detecting Disposable Email Addresses

Antbot.pw provides a free, open API endpoint for checking a domain or email address against a frequently-updated list of disposable domains. CORS is enabled for all originating domains, so you can call the API directly from your client-side code. GET https://antibot.pw/api/[email protected]...

Cloudera Manager Cross-Site Scripting Vulnerability (CNVD-2020-14237)

Cloudera Manager is a suite of Hadoop data management software from Cloudera. The software supports creating clusters, authentication, data backup and recovery, and more. A cross-site scripting vulnerability exists in Cloudera Manager versions prior to 5.4.3. The vulnerability stems from the WEB...

FusionPBX Cross-Site Scripting Vulnerability (CNVD-2019-44257)

FusionPBX is a scalable, multi-threaded communications platform. The platform can be used as a call center server, fax server, VOIP server, voicemail server, conference server and voice application server. A cross-site scripting vulnerability exists in FusionPBX. The vulnerability stems from the...

Siemens Polarion webclient cross-site scripting vulnerability (CNVD-2019-44254)

Siemens Polarion is a suite of application lifecycle management software from Siemens, Germany. The software supports end-to-end enterprise application development in a unified, modular, browser-based software environment. webclient is one of the web-based client programs. A cross-site scripting...

Siemens Polarion webclient Cross-Site Scripting Vulnerability

Siemens Polarion is a suite of application lifecycle management software from Siemens, Germany. The software supports end-to-end enterprise application development in a unified, modular, browser-based software environment. webclient is one of the web-based client programs. A cross-site scripting...