682 matches found
Design/Logic Flaw
An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter...
MingSoft MCMS Security Vulnerability
MingSoft MCMS is a complete open source J2ee system from China-based MingSoft. A security vulnerability exists in MingSoft MCMS version v.5.2.4, which originated from a vulnerability that allows remote attackers to obtain sensitive information via a carefully crafted script...
CVE-2023-51282
An issue in mingSoft MCMS v.5.2.4 allows a a remote attacker to obtain sensitive information via a crafted script to the password parameter...
CVE-2023-51350
A spoofing attack in ujcms v.8.0.2 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the X-Forwarded-For function in the header...
CVE-2023-50609
Cross Site Scripting XSS vulnerability in AVA teaching video application service platform version 3.1, allows remote attackers to execute arbitrary code via a crafted script to ajax.aspx...
CVE-2023-50630
Cross Site Scripting XSS vulnerability in xiweicheng TMS v.2.28.0 allows a remote attacker to execute arbitrary code via a crafted script to the click here function...
Cross site scripting
Cross Site Scripting XSS vulnerability in xiweicheng TMS v.2.28.0 allows a remote attacker to execute arbitrary code via a crafted script to the click here function...
CVE-2023-47473
Directory Traversal vulnerability in fuwushe.org iFair versions 23.8ad0 and before allows an attacker to obtain sensitive information via a crafted script...
CVE-2023-47473
Directory Traversal vulnerability in fuwushe.org iFair versions 23.8ad0 and before allows an attacker to obtain sensitive information via a crafted script...
CVE-2023-47473
Directory Traversal vulnerability in fuwushe.org iFair versions 23.8ad0 and before allows an attacker to obtain sensitive information via a crafted script...
PT-2024-41142 · Mimetex +1 · Mimetex +1
Name of the Vulnerable Software and Affected Versions: forkosh Mime Tex versions prior to 1.77 Description: An issue in forkosh Mime Tex allows an attacker to execute arbitrary code via a crafted script. Recommendations: For versions prior to 1.77, update to version 1.77 or later to resolve the...
CVE-2023-49004
An issue in D-Link DIR-850L v.B1FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter...
CVE-2023-49004
An issue in D-Link DIR-850L v.B1FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter...
CVE-2023-49004
An issue in D-Link DIR-850L v.B1FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter...
Code injection
An issue in D-Link DIR-850L v.B1FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter...
CVE-2023-49004
An issue in D-Link DIR-850L v.B1FW223WWb01 allows a remote attacker to execute arbitrary code via a crafted script to the en parameter...
CVE-2023-49004
CVE-2023-49004 affects D-Link DIR-850L, specifically firmware v.B1_FW223WWb01. A remote attacker can execute arbitrary code by sending a crafted script to the en parameter, indicating a remote code execution vulnerability in the router’s web interface. The Red Hat and CNNVD entries corroborate th...
CVE-2023-49563
Cross Site Scripting XSS in Voltronic Power SNMP Web Pro v.1.1 allows an attacker to execute arbitrary code via a crafted script within a request to the webserver...
EverShop Security Breach
EverShop is EverShop open source a NodeJS e-commerce platform. A security vulnerability exists in EverShop versions prior to v.1.0.0-rc.5. A remote attacker can exploit this vulnerability to obtain sensitive information from the admin panel via a specially crafted script...
GHSA-2C7X-W3MX-H7P6 Microweber file upload vulnerability
File Upload vulnerability in Microweber v.2.0.4 allows a remote attacker to execute arbitrary code via a crafted script to the file upload function in the created forms component...