Lucene search
+L

105 matches found

Fedora
Fedora
added 2022/11/24 1:33 a.m.16 views

[SECURITY] Fedora 36 Update: drupal7-link-1.11-1.fc36

The link module can be count to the top 50 modules in Drupal installations and provides a standard custom content field for links. With this module links can be added easily to any content types and profiles and include advanced validating and different ways of storing internal or external links...

7.1AI score
Exploits0
Fedora
Fedora
added 2022/11/24 1:27 a.m.16 views

[SECURITY] Fedora 37 Update: drupal7-link-1.11-1.fc37

The link module can be count to the top 50 modules in Drupal installations and provides a standard custom content field for links. With this module links can be added easily to any content types and profiles and include advanced validating and different ways of storing internal or external links...

7.1AI score
Exploits0
OSV
OSV
added 2022/09/29 8:15 p.m.10 views

CVE-2022-40472

ZKTeco Xiamen Information Technology ZKBio Time 8.0.7 Build: 20220721.14829 was discovered to contain a CSV injection vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload injected into the Content text field of the Add New Message module...

8CVSS6.1AI score0.00923EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/09/29 12:0 a.m.7 views

ZKTeco ZKBio Time 安全漏洞

A cross-site scripting vulnerability exists in ZKTeco ZKBio Time version 8.0.7, which originates from the "Content" text field of the "Add New Message" module. Content" text field of the "Add New Message" module lacks effective filtering and escaping of user-supplied data, which can be exploited ...

8CVSS6.1AI score0.00923EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/11/22 12:0 a.m.7 views

Shimo Document 跨站脚本漏洞

Wuhan Chuxin Technology Shimo Document is an online document editing and processing tool from Wuhan Chuxin Technology, China. A security vulnerability exists in Shimo Document version v2.0.1, which can be exploited by an attacker to execute arbitrary web script or HTML via a specially crafted loa...

5.4CVSS6.2AI score0.00514EPSS
Exploits0References2
CNVD
CNVD
added 2021/08/05 12:0 a.m.16 views

HTMLy Cross-Site Scripting Vulnerability (CNVD-2021-94954)

htmly is a simple and fast database-free PHP blogging platform and flat file CMS. htmly version 2.8.1 has a vulnerability in the "content" field of the "regular post" page in the "add content" menu of the dashboard. field of the "add content" menu in the dashboard is vulnerable to a stored...

6.1CVSS0.3AI score0.00931EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/07/01 8:40 p.m.25 views

CVE-2020-23219

Monstra CMS 3.0.4 allows attackers to execute arbitrary code via a crafted payload entered into the "Snippet content" field under the "Edit Snippet" module...

8.9AI score0.0158EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/07/01 12:0 a.m.4 views

Monstra CMS 代码注入漏洞

Monstra is a lightweight content management system CMS. A remote code execution vulnerability exists in Monstra version 3.0.4. The vulnerability can be exploited to execute arbitrary code via the "Snippet content" field under the "Edit Snippet" module...

8.8CVSS6.9AI score0.0158EPSS
Exploits1References2
NVD
NVD
added 2021/04/01 8:15 p.m.16 views

CVE-2020-19618

Cross Site Scripting XSS vulnerability in mblog 3.5 via the post content field to /post/editing...

5.4CVSS0.00637EPSS
Exploits1References1
OSV
OSV
added 2021/04/01 8:15 p.m.20 views

CVE-2020-19618

Cross Site Scripting XSS vulnerability in mblog 3.5 via the post content field to /post/editing...

5.4CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2021/04/01 8:15 p.m.18 views

Cross site scripting

Cross Site Scripting XSS vulnerability in mblog 3.5 via the post content field to /post/editing...

3.5CVSS5.3AI score0.00637EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/04/01 7:1 p.m.23 views

CVE-2020-19618

Cross Site Scripting XSS vulnerability in mblog 3.5 via the post content field to /post/editing...

5.3AI score0.00637EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/04/01 12:0 a.m.6 views

langhsu mblog 跨站脚本漏洞

Mblog is an open source Java blog system , support for multi-user , support for switching themes. Mblog 3.5 has a cross-site scripting vulnerability , the vulnerability stems from post editing via the post content field . An attacker can use this vulnerability to inject arbitrary Web script or HT...

5.4CVSS5.5AI score0.00637EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2021/02/05 12:0 a.m.6 views

The vulnerability of the eDocLib platform for storing and processing corporate data arises from the lack of measures taken to protect the website structure. This vulnerability allows attackers to carry out cross-site scripting attacks.

The vulnerability of the eDocLib platform for storing and processing corporate data exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the user’s browser by placing it in the “All Content”...

6.3CVSS6AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/02/04 12:0 a.m.7 views

The vulnerability of the eDocLib platform for storing and processing corporate data arises from the lack of measures taken to protect the website structure. This vulnerability allows attackers to carry out cross-site scripting attacks.

The vulnerability of the eDocLib platform for storing and processing corporate data exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the user’s browser by placing it in the “Card Content”...

6.3CVSS6AI score
Exploits0Affected Software1
Fedora
Fedora
added 2019/03/06 3:29 p.m.13 views

[SECURITY] Fedora 28 Update: drupal7-link-1.6-1.fc28

The link module can be count to the top 50 modules in Drupal installations and provides a standard custom content field for links. With this module links can be added easily to any content types and profiles and include advanced validating and different ways of storing internal or external links...

1.5AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/05 12:0 a.m.21 views

Chamilo LMS 1.11.8 - Cross-Site Scripting

Exploit Title: Chamilo LMS 1.11.8 - Cross-Site Scripting Author: Cakes Discovery Date: 2018-10-05 Vendor Homepage: https://chamilo.org Software Link: https://github.com/chamilo/chamilo-lms/releases/download/v1.11.8/chamilo-1.11.8-php5.zip Tested Version: 1.11.8 for php5 Tested on OS: Kali Linux...

7.4AI score
Exploits0
NVD
NVD
added 2018/09/10 4:29 a.m.14 views

CVE-2018-16773

EasyCMS 1.5 allows XSS via the index.php?s=/admin/fields/update/navTabId/listfields/callbackType/closeCurrent content field...

4.8CVSS5AI score0.00548EPSS
Exploits1References1
OSV
OSV
added 2018/09/10 4:29 a.m.17 views

CVE-2018-16773

EasyCMS 1.5 allows XSS via the index.php?s=/admin/fields/update/navTabId/listfields/callbackType/closeCurrent content field...

4.8CVSS5.8AI score0.00548EPSS
Exploits1References1
Prion
Prion
added 2018/09/10 4:29 a.m.15 views

Cross site scripting

EasyCMS 1.5 allows XSS via the index.php?s=/admin/fields/update/navTabId/listfields/callbackType/closeCurrent content field...

3.5CVSS4.8AI score0.00548EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder