15797 matches found
BIT-OPENCART-2025-1749 HTML injection vulnerability in OpenCart
HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim's browser by sending a malicious URL and modifying the parameter name in /account/voucher...
BIT-OPENCART-2025-1748 HTML injection vulnerability in OpenCart
HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim's browser by sending a malicious URL and modifying the parameter name in /account/register...
BIT-OPENCART-2025-1747 HTML injection vulnerability in OpenCart
HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim's browser by sending a malicious URL and modifying the parameter name in /account/login...
CVE-2023-51295
PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, pluginsmsapikey, pluginsmscountrycode, title, pluginsmsapikey, title" parameters...
CVE-2023-51295
PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, pluginsmsapikey, pluginsmscountrycode, title, pluginsmsapikey, title" parameters...
PT-2025-20388 · Phpjabbers · Phpjabbers Event Booking Calendar
Name of the Vulnerable Software and Affected Versions: PHPJabbers Event Booking Calendar version 4.0 Description: The issue concerns multiple HTML injection vulnerabilities in the name, plugin sms api key, plugin sms country code, and title parameters. This allows for potential malicious code...
CVE-2023-51295
CVE-2023-51295 affects PHPJabbers Event Booking Calendar v4.0, with multiple HTML injection vulnerabilities in parameters name, plugin_sms_api_key, plugin_sms_country_code, and title. The issue is a stored HTML injection risk documented across multiple sources; impact is low to moderate (CVSS v3....
CVE-2025-20216
A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An...
CVE-2025-20216
A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An...
CVE-2025-20216 Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability
A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An...
CVE-2025-20216 Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability
A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An...
CVE-2025-20216
Cisco CVE-2025-20216 affects Cisco Catalyst SD-WAN Manager (formerly vManage). The issue is HTML injection via the web interface due to improper input sanitization. An unauthenticated, remote attacker could entice an authenticated user to click a malicious link, injecting HTML into the user’s bro...
Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability
A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An...
CVE-2025-29154
HTML injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the .galera.app/ted/solicitacaotreinamento/, .galera.app/rh/metas/perspectivaestrategica/edicao/, .galera.app/rh/cadastros/perspectivas/listagem/adc/,...
CVE-2025-29154
HTML injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the .galera.app/ted/solicitacaotreinamento/, .galera.app/rh/metas/perspectivaestrategica/edicao/, .galera.app/rh/cadastros/perspectivas/listagem/adc/,...
Cisco Catalyst SD-WAN Manager 注入漏洞
Cisco Catalyst SD-WAN Manager Cisco SD-WAN vManage is a highly customizable dashboard from Cisco, Inc. that simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. An injection vulnerability exists in Cisco Catalyst SD-WAN Manager that stems from imprope...
Leme Consultoria HCM galera.app 安全漏洞
Leme Consultoria HCM galera.app is a human resource management system from Leme Consultoria, a Brazilian company that provides a full employee lifecycle management solution. A security vulnerability exists in Leme Consultoria HCM galera.app version 4.58.0, which originates from HTML injection and...
CVE-2025-29154
HTML injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the .galera.app/ted/solicitacaotreinamento/, .galera.app/rh/metas/perspectivaestrategica/edicao/, .galera.app/rh/cadastros/perspectivas/listagem/adc/,...
CVE-2025-29154
CVE-2025-29154 affects lemesconsultoria HCM galera.app v4.58.0. HTML injection in multiple endpoints (e.g., /ted/solicitacao_treinamento/, /rh/metas/perspectiva_estrategica/edicao/, /escolaridade/listagem/, /estados_civis/cadastro/, /colaborador/cadastro/adc/, etc.) can lead to arbitrary code exe...
Cisco Catalyst SD-WAN Manager Reflected HTML Injection (cisco-sa-vmanage-html-inj-GxVtK6zj)
According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an...