Scada-LTS 代码注入漏洞

Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A code injection vulnerability exists in Scada-LTS version 2.7.8.1, which stems from improper manipulation of the pointHierarchy/new/fileTitle parameter and could lead to a cross-site scripting attack...

CVE-2024-7660

A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Add File Handler. The manipulation of the argument File Title/Uploaded By leads to cross site scripting. The attack can ...

SourceCodester File Manager 安全漏洞

SourceCodester File Manager is a file manager. A security vulnerability exists in SourceCodester File Manager version 1.0, which stems from a cross-site scripting vulnerability in the File Title/Uploaded By parameter of the Add File Handler component...

PT-2024-38488 · Unknown · Sourcecodester File Manager App

Name of the Vulnerable Software and Affected Versions: SourceCodester File Manager App version 1.0 Description: A vulnerability has been found in the SourceCodester File Manager App, affecting an unknown functionality of the component Add File Handler. The manipulation of the argument File...

CVE-2021-4365

The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to, and including, 18.2. This is due to lacking authentication protections and santisation all on the wpfmeditfiletitledesc AJAX action. This makes it possible for...

Cross site scripting

Cross-site scripting XSS vulnerability in October CMS build 271 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving a file title, a different vulnerability than CVE-2015-5612...

CVE-2015-5613

Cross-site scripting XSS vulnerability in October CMS build 271 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving a file title, a different vulnerability than CVE-2015-5612...

Radiant CMS 1.1.3 Cross Site Scripting

Exploit Title: Radiant CMS 1.1.3 - Mutiple Persistant XSS Vulnerabilities Exploit Author: David Silveiro Exploit Author Github: github.com/davidsilveiro Exploit Author Twitter: twitter.com/davidsilveiro Vendor Homepage: http://radiantcms.org/ Software Link: http://radiantcms.org/download/ Date:...

Radiant CMS 1.1.3 - Multiple Persistent Cross-Site Scripting

Exploit for ruby platform in category web applications Exploit Title: Radiant CMS 1.1.3 - Mutiple Persistant XSS Vulnerabilities Exploit Author: David Silveiro Exploit Author Github: github.com/davidsilveiro Exploit Author Twitter: twitter.com/davidsilveiro Vendor Homepage: http://radiantcms.org/...

Udemy: XSS on https://www.udemy.com/asset/export.html

Description https://www.udemy.com/asset/export.html is used to generate a content of a lecture and it will be dispalyed on https://www.udemy.com/staticx/udemy/flash/udemypresentation.player.swf?. https://www.udemy.com/asset/export.html contain json response but the content type is text/html,...

CVE-2014-2040

Multiple cross-site scripting XSS vulnerabilities in the 1 callbackmulticheck, 2 callbackradio, and 3 callbackwysiwygin functions in mfrhclass.settings-api.php in the Media File Renamer plugin 1.7.0 for WordPress allow remote authenticated users with permissions to add media or edit media to inje...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Vessio NetBill 1.2 allow remote attackers to inject arbitrary web script or HTML via the 1 full name or 2 file title to accounts/admin/index.php or 3 comment parameter in the support page to accounts/index2.php...