Lucene search
K

15797 matches found

OSV
OSV
added 2025/05/08 8:46 a.m.7 views

BIT-OPENCART-2025-1749 HTML injection vulnerability in OpenCart

HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim's browser by sending a malicious URL and modifying the parameter name in /account/voucher...

4.7CVSS5AI score0.00237EPSS
Exploits0References2
OSV
OSV
added 2025/05/08 8:46 a.m.5 views

BIT-OPENCART-2025-1748 HTML injection vulnerability in OpenCart

HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim's browser by sending a malicious URL and modifying the parameter name in /account/register...

4.7CVSS5AI score0.00237EPSS
Exploits0References2
OSV
OSV
added 2025/05/08 8:46 a.m.5 views

BIT-OPENCART-2025-1747 HTML injection vulnerability in OpenCart

HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim's browser by sending a malicious URL and modifying the parameter name in /account/login...

4.7CVSS5AI score0.00237EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/08 12:0 a.m.9 views

CVE-2023-51295

PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, pluginsmsapikey, pluginsmscountrycode, title, pluginsmsapikey, title" parameters...

0.00316EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2025/05/08 12:0 a.m.8 views

CVE-2023-51295

PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, pluginsmsapikey, pluginsmscountrycode, title, pluginsmsapikey, title" parameters...

6.5AI score0.00316EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2025/05/08 12:0 a.m.5 views

PT-2025-20388 · Phpjabbers · Phpjabbers Event Booking Calendar

Name of the Vulnerable Software and Affected Versions: PHPJabbers Event Booking Calendar version 4.0 Description: The issue concerns multiple HTML injection vulnerabilities in the name, plugin sms api key, plugin sms country code, and title parameters. This allows for potential malicious code...

6.5CVSS7AI score0.00316EPSS
Exploits2References8
CVE
CVE
added 2025/05/08 12:0 a.m.51 views

CVE-2023-51295

CVE-2023-51295 affects PHPJabbers Event Booking Calendar v4.0, with multiple HTML injection vulnerabilities in parameters name, plugin_sms_api_key, plugin_sms_country_code, and title. The issue is a stored HTML injection risk documented across multiple sources; impact is low to moderate (CVSS v3....

6.5CVSS7AI score0.00316EPSS
Exploits2References3Affected Software1
NVD
NVD
added 2025/05/07 6:15 p.m.10 views

CVE-2025-20216

A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An...

4.7CVSS0.00279EPSS
Exploits0References1
OSV
OSV
added 2025/05/07 6:15 p.m.3 views

CVE-2025-20216

A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An...

4.3CVSS5.8AI score0.00279EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/07 5:18 p.m.14 views

CVE-2025-20216 Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability

A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An...

4.7CVSS0.00279EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 5:18 p.m.5 views

CVE-2025-20216 Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability

A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An...

4.7CVSS4.7AI score0.00279EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 5:18 p.m.55 views

CVE-2025-20216

Cisco CVE-2025-20216 affects Cisco Catalyst SD-WAN Manager (formerly vManage). The issue is HTML injection via the web interface due to improper input sanitization. An unauthenticated, remote attacker could entice an authenticated user to click a malicious link, injecting HTML into the user’s bro...

4.7CVSS4.7AI score0.00279EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2025/05/07 4:0 p.m.9 views

Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability

A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An...

4.7CVSS5AI score0.00279EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 2:15 p.m.6 views

CVE-2025-29154

HTML injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the .galera.app/ted/solicitacaotreinamento/, .galera.app/rh/metas/perspectivaestrategica/edicao/, .galera.app/rh/cadastros/perspectivas/listagem/adc/,...

6.5CVSS0.00421EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/07 12:0 a.m.9 views

CVE-2025-29154

HTML injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the .galera.app/ted/solicitacaotreinamento/, .galera.app/rh/metas/perspectivaestrategica/edicao/, .galera.app/rh/cadastros/perspectivas/listagem/adc/,...

0.00421EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.2 views

Cisco Catalyst SD-WAN Manager 注入漏洞

Cisco Catalyst SD-WAN Manager Cisco SD-WAN vManage is a highly customizable dashboard from Cisco, Inc. that simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. An injection vulnerability exists in Cisco Catalyst SD-WAN Manager that stems from imprope...

4.7CVSS6.8AI score0.00279EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.3 views

Leme Consultoria HCM galera.app 安全漏洞

Leme Consultoria HCM galera.app is a human resource management system from Leme Consultoria, a Brazilian company that provides a full employee lifecycle management solution. A security vulnerability exists in Leme Consultoria HCM galera.app version 4.58.0, which originates from HTML injection and...

6.5CVSS7.1AI score0.00421EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/05/07 12:0 a.m.4 views

CVE-2025-29154

HTML injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the .galera.app/ted/solicitacaotreinamento/, .galera.app/rh/metas/perspectivaestrategica/edicao/, .galera.app/rh/cadastros/perspectivas/listagem/adc/,...

6.8AI score0.00421EPSS
Exploits0References2
CVE
CVE
added 2025/05/07 12:0 a.m.45 views

CVE-2025-29154

CVE-2025-29154 affects lemesconsultoria HCM galera.app v4.58.0. HTML injection in multiple endpoints (e.g., /ted/solicitacao_treinamento/, /rh/metas/perspectiva_estrategica/edicao/, /escolaridade/listagem/, /estados_civis/cadastro/, /colaborador/cadastro/adc/, etc.) can lead to arbitrary code exe...

6.5CVSS7.5AI score0.00421EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.4 views

Cisco Catalyst SD-WAN Manager Reflected HTML Injection (cisco-sa-vmanage-html-inj-GxVtK6zj)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an...

4.7CVSS5.6AI score0.00279EPSS
Exploits0References3
Rows per page
Query Builder