Lucene search
+L

551 matches found

UbuntuCve
UbuntuCve
added 2014/06/16 6:55 p.m.24 views

CVE-2014-3995

Cross-site scripting XSS vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HTML via a user display name...

4.3CVSS6AI score0.02083EPSS
Exploits1References2
OSV
OSV
added 2014/06/16 6:55 p.m.23 views

PYSEC-2014-79

Cross-site scripting XSS vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HTML via a user display name...

4.3CVSS4.1AI score0.02083EPSS
Exploits1References7
Prion
Prion
added 2014/03/12 2:55 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in DotNetNuke DNN before 6.2.9 and 7.x before 7.1.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Display Name field in the Manage Profile...

3.5CVSS5.7AI score0.00944EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Storm
added 2014/01/07 12:0 a.m.30 views

GetSimple CMS 3.1.2 / 3.2.3 Cross Site Scripting

Author Information Author : Ahmed Elhady Mohamed Website : http://1nfosec4all.blogspot.com/ twitter : @kingasmk facebook :https://www.facebook.com/groups/ITsec4all/ Software Information Affected Software : GetSimple CMS 3.2.3, 3.1.2 Software website : http://get-simple.info/ CVE Reference :...

4.3CVSS0.2AI score0.01854EPSS
Exploits2
Atlassian
Atlassian
added 2013/07/16 4:47 p.m.25 views

XSS Vulnerability in AAC - Atlassian ID Display Name is not HTML-encoded on user hover

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-46719. panel Raised from https://extranet.atlassian.com/jira/browse/INTSYS-23426...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/07/16 4:47 p.m.22 views

XSS Vulnerability in AAC - Atlassian ID Display Name is not HTML-encoded on user hover

Raised from https://extranet.atlassian.com/jira/browse/INTSYS-23426...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2013/07/16 4:47 p.m.17 views

XSS Vulnerability in AAC - Atlassian ID Display Name is not HTML-encoded on user hover

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/CONFCLOUD-46719. panel Raised from https://extranet.atlassian.com/jira/browse/INTSYS-23426...

0.3AI score
Exploits0
NVD
NVD
added 2013/02/20 12:9 p.m.19 views

CVE-2012-3322

Cross-site scripting XSS vulnerability in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management...

3.5CVSS5.2AI score0.00936EPSS
Exploits0References3
exploitpack
exploitpack
added 2012/03/16 12:0 a.m.18 views

FlexCMS 3.2.1 - Persistent Cross-Site Scripting

FlexCMS 3.2.1 - Persistent Cross-Site Scripting Persistent XSS in FLEXCMS 3.2.1 Software vendor: http://www.flexcms.com/flex/index.html The Persistent XSS appears when any user go to edit profile Display name and then injects the xss code instead of his display name. After inkection this code. In...

6.8AI score
Exploits0
0day.today
0day.today
added 2012/03/16 12:0 a.m.27 views

FlexCMS 3.2.1 for logged in users XSS

Exploit for php platform in category web applications Persistent XSS in FLEXCMS 3.2.1 Software vendor: http://www.flexcms.com/flex/index.html The Persistent XSS appears when any user go to edit profile Display name and then injects the xss code instead of his display name. After inkection this...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2012/03/13 1:0 a.m.24 views

CVE-2012-0195

Cross-site scripting XSS vulnerability in the Start Center Layout and Configuration component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service...

5.7AI score0.01929EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2011/12/20 5:16 p.m.8 views

tomcat: XSS vulnerability in HTML Manager interface

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

4.3CVSS6.1AI score0.10228EPSS
Exploits2References4
Prion
Prion
added 2011/10/24 5:55 p.m.13 views

Sql injection

Multiple SQL injection vulnerabilities in Simple Machines Forum SMF before 1.1.15 and 2.x before 2.0.1 allow remote attackers to execute arbitrary SQL commands via vectors involving a 1 HTML entity or 2 display name. NOTE: some of these details are obtained from third party information...

7.5CVSS8.8AI score0.01144EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2011/10/24 5:0 p.m.22 views

CVE-2011-3615

Multiple SQL injection vulnerabilities in Simple Machines Forum SMF before 1.1.15 and 2.x before 2.0.1 allow remote attackers to execute arbitrary SQL commands via vectors involving a 1 HTML entity or 2 display name. NOTE: some of these details are obtained from third party information...

8.2AI score0.01144EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2011/06/22 11:31 p.m.7 views

tomcat: XSS vulnerability in HTML Manager interface

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

4.3CVSS6.1AI score0.10228EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2011/06/22 11:14 p.m.8 views

tomcat: XSS vulnerability in HTML Manager interface

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

4.3CVSS6.1AI score0.10228EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2011/05/19 10:55 a.m.6 views

tomcat: XSS vulnerability in HTML Manager interface

Multiple cross-site scripting XSS vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag...

4.3CVSS6.1AI score0.10228EPSS
Exploits2References4
Packet Storm
Packet Storm
added 2010/07/26 12:0 a.m.31 views

WhiteBoard 0.1.30 Blind SQL Injection

WhiteBoard 0.1.30 Multiple Blind SQL Injection Vulnerabilities Name WhiteBoard Vendor http://sarosoftware.com Versions Affected 0.1.30 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-07-24 X. INDEX I. ABOUT THE...

0.4AI score
Exploits0
Prion
Prion
added 2009/05/18 6:30 p.m.17 views

Code injection

Multiple static code injection vulnerabilities in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allow 1 remote authenticated users to inject arbitrary PHP code into files by placing PHP sequences into the account's "display name" setting and then invoking...

6.5CVSS7.5AI score0.02126EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2009/05/18 6:0 p.m.29 views

CVE-2009-1677

Multiple static code injection vulnerabilities in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allow 1 remote authenticated users to inject arbitrary PHP code into files by placing PHP sequences into the account's "display name" setting and then invoking...

7.1AI score0.02126EPSS
Exploits0References5
Rows per page
Query Builder