875 matches found
Magento cross-site scripting vulnerability (CNVD-2019-40749)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. Magento has a cross-site scripting vulnerability. Attackers can use this vulnerability to execute client-side cod...
Magento cross-site scripting vulnerability (CNVD-2019-40745)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. Magento has a cross-site scripting vulnerability. Attackers can use this vulnerability to execute client-side cod...
Magento cross-site scripting vulnerability (CNVD-2019-40746)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. Magento has a cross-site scripting vulnerability. Attackers can use this vulnerability to execute client-side cod...
Magento cross-site scripting vulnerability (CNVD-2019-40748)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. Magento has a cross-site scripting vulnerability. Attackers can use this vulnerability to execute client-side cod...
Magento cross-site scripting vulnerability (CNVD-2019-40743)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. Magento has a cross-site scripting vulnerability. Attackers can use this vulnerability to execute client-side cod...
TYPO3 cross-site scripting vulnerability (CNVD-2019-41240)
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in TYPO3 versions prior to 4.3.12, 4.4.x prior to 4.4.9 and 4.5.x prior to 4.5.4. The vulnerability stems from a lack of proper validation of...
Magento Cross-Site Scripting Vulnerability (CNVD-2019-40750)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. Magento has a cross-site scripting vulnerability. Attackers can use this vulnerability to execute client-side cod...
Magento cross-site scripting vulnerability (CNVD-2019-40744)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. Magento has a cross-site scripting vulnerability. Attackers can use this vulnerability to execute client-side cod...
Magento cross-site scripting vulnerability (CNVD-2019-40737)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. Magento has a cross-site scripting vulnerability. Attackers can use this vulnerability to execute client-side cod...
Forcepoint Email Security Cross-Site Scripting Vulnerability
Forcepoint Email Security is a suite of email protection solutions from US-based Forcepoint. The product includes features such as spam filtering, malware detection, phishing protection, and protection against intrusion BEC attacks. A cross-site scripting vulnerability exists in Forcepoint Email...
Online Store System Cross-Site Scripting Vulnerability (CNVD-2019-40112)
Online Store System is an e-commerce system. A cross-site scripting vulnerability exists in Online Store System v1.0. The vulnerability stems from a lack of proper validation of client-side data in the web application. An attacker can exploit this vulnerability to execute client-side code...
Websieve Cross-Site Scripting Vulnerability
websieve is a web-based email server management program. A cross-site scripting vulnerability exists in websieve version v0.62, which stems from the lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute client-side code...
AVG AntiVirus Cross-Site Scripting Vulnerability (CNVD-2020-10164)
Avast Antivirus is a suite of antivirus software from the Czech company Avast. A cross-site scripting vulnerability exists in Network Notification Popup in Avast AntiVirus Free, Internet Security and Premiere Edition version 19.3.2369 build 19.3.4241.440. The vulnerability stems from a lack of...
F5 BIG-IP cross-site scripting vulnerability (CNVD-2019-39753)
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A cross-site scripting vulnerability exists in F5 BIG-IP versions 13.1.0 through 13.1.3, 12.1.0 through 12.1.5, and 11.5.2...
WordPress Modern theme cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Modern theme is a multi-functional website theme plugin used in it. A cross-site scripting vulnerability exists in WordPress Modern...
WordPress weeklynews theme cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. weeklynews theme is a news site theme plugin used in it. WordPress weeklynews theme suffers from a cross-site scripting vulnerability...
WordPress Auberge theme cross-site scripting vulnerability
WordPress is a blogging platform from the WordPress Foundation developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.Auberge theme is a responsive restaurant website theme plugin used in it. WordPress Auberge theme suffers from a cross-sit...
Input validation
In Zucchetti InfoBusiness before and including 4.4.1, an authenticated user can inject client-side code due to improper validation of the Title field in the InfoBusiness Web Component. The payload will be triggered every time a user browses the reports page...
CVE-2019-18207
Summary: CVE-2019-18207 affects Zucchetti InfoBusiness ≤ 4.4.1. An authenticated user can inject client-side code due to improper validation of the Title field in the InfoBusiness Web Component. The payload is triggered whenever users browse the reports page. Affected software: Zucchetti InfoBusi...
LabKey Server Cross-Site Scripting Vulnerability
LabKey Server is a biomedical research data repository from LabKey, Inc. The repository allows Web-based querying, reporting, and collaboration across a wide range of data sources. A cross-site scripting vulnerability exists in LabKey Server. An attacker could exploit this vulnerability to execut...