100 matches found
CuppaCMS Cross-Site Scripting Vulnerability (CNVD-2019-00811)
CuppaCMS is a content management system CMS. A cross-site scripting vulnerability exists in CuppaCMS. A remote attacker can exploit this vulnerability by uploading a specially crafted SVG document to the administrator//component/tablemanager/view/cuviews URI to execute JavaScript script...
CVE-2018-13323
Cross-site scripting in detail.html in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute JavaScript via the "username" cookie...
statics-server cross-site scripting vulnerability
statics-server is a static file server. A cross-site scripting vulnerability exists in statics-server 0.0.9 and earlier versions. A remote attacker can exploit this vulnerability by injecting an iframe into a file name to execute arbitrary JavaScript code...
CVE-2018-1000087
WolfCMS version version 0.8.3.1 contains a Reflected Cross Site Scripting vulnerability in "Create New File" and "Create New Directory" input box from 'files' Tab that can result in Session Hijacking, Spread Worms,Control the browser remotely. . This attack appear to be exploitable via Attacker c...
Adobe Experience Manager Cross-Site Scripting Vulnerability
Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Stored XSS Vulnerability in Full Version of UEditor
UEditor is developed by Baidu web front-end R & D Department of WYSIWYG rich text web editor . A stored XSS vulnerability exists in all versions of UEditor. An attacker can exploit this vulnerability to execute javascript code in a file...
Google Chrome < 59.0.3071.86 Multiple Vulnerabilities
Binary data 700131.pasl...
Aries QWR-1104 Wireless-N Cross Site Scripting
Exploit Title: Aries QWR-1104 Wireless-N Router Execute JavaScript in Wireless Site Survey page. Date: 26-05-2017 Vendor Homepage : http://www.ariesnetworks.net/ Firmware Version: WRC.253.2.0913 Exploit Author: Touhid M.Shaikh Contact: http://twitter.com/touhidshaikh22 Website:...
QWR-1104 Wireless-N Router - Cross-Site Scripting
QWR-1104 Wireless-N Router - Cross-Site Scripting Exploit Title: Aries QWR-1104 Wireless-N Router Execute JavaScript in Wireless Site Survey page. Date: 26-05-2017 Vendor Homepage : http://www.ariesnetworks.net/ Firmware Version: WRC.253.2.0913 Exploit Author: Touhid M.Shaikh Contact:...
QWR-1104 Wireless-N Router - Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Aries QWR-1104 Wireless-N Router Execute JavaScript in Wireless Site Survey page. Date: 26-05-2017 Vendor Homepage : http://www.ariesnetworks.net/ Firmware Version: WRC.253.2.0913 Exploit Author: Touhid M.Shaikh Contact:...
IBM Kenexa LCMS Premier on Cloud Cross-Site Scripting Vulnerability
IBM Kenexa LCMS Premier on Cloud is an adjustable Learning Content Management System LCMS for developing, maintaining, and delivering effective employee training from IBM USA. A cross-site scripting vulnerability exists in IBM Kenexa LCMS Premier on Cloud. A remote attacker could exploit this...
Mozilla: Local files or privileged URLs in pages can be opened into new tabs (MFSA 2015-60)
Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a...
Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-668-1
Ubuntu Update for Linux kernel vulnerabilities USN-668-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6681.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-668-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networ...
CVE-2005-4150
Cross-site scripting XSS vulnerability in the portal login page in Computer Associates CleverPath 4.7 allows remote attackers to execute Javascript via unknown vectors...
Mozilla Firefox < 3.0.11 Multiple Vulnerabilities
Binary data 5072.prm...
CVE-2002-1649
Cross-site scripting XSS vulnerability in readbody.php in SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary Javascript via a javascript: URL in an IMG tag...
CVE-2002-0459
Cross-site scripting vulnerability in Board-TNK 1.3.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter...
CVE-2001-1351
Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers...
CVE-2001-1350
Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter...
XSS vulnerability on password reset page
Impact For Mautic versions prior to 3.3.4, there is an XSS vulnerability on Mautic's password reset page where a vulnerable parameter, "bundle," in the URL could allow an attacker to execute Javascript code. The attacker would be required to convince or trick the target into clicking a password...