Moodle HTML Injection Vulnerability (CNVD-2017-00905)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. Moodle suffers from an HTML injection vulnerability due to the program failing to...

MoinMoin HTML Injection Vulnerability

MoinMoin is a set of open source , scalable wiki engine program based on the Python environment . An HTML injection vulnerability exists in MoinMoin version 1.9.8. A remote attacker can exploit this vulnerability to inject arbitrary JS code...

Novell NetIQ Identity Manager HTML Injection Vulnerability

NetIQ Designer for Identity Manager is a suite of graphical interface tools for configuring and deploying Identity Manager, a comprehensive solution for providing identity and control access, from NetIQ USA. An html injection vulnerability exists in Novell NetIQ Identity Manager versions prior to...

CVE-2016-1592

XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the nrfEntitlementReport.do CGI...

Wordpress simplified-content plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites on PHP and MySQL servers. simplified-content is one of the plug-ins used to simplify the content. A cross-site scripting vulnerability exists in...

Novell GroupWise HTML Injection Vulnerability

Novell GroupWise is a cross-platform collaboration software. An HTML injection vulnerability exists in Novell GroupWise 2014 SP1, 2014 R2 SP1, and 2014 versions, which stems from the program failing to adequately filter user-submitted input. An attacker could be allowed to exploit the vulnerabili...

Foreman HTML Injection Vulnerability

Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. An HTML injection vulnerability exists in Foreman, which arises from the program's failure to adequately...

Multiple Vulnerabilities in Digitalstrom Konfigurator

The Digitalstrom Konfigurator is a smart home device from the Swiss company Digitalstrom. HTML injection vulnerabilities and cross-site scripting vulnerabilities exist in Digitalstrom Konfigurator. These vulnerabilities can be exploited by remote attackers to perform unauthorized actions, execute...

The vulnerabilities in the Moodle learning management system allow a hacker to inject arbitrary Web or HTML code.

The multiple vulnerabilities of the Moodle learning management system’s SCORM module exist due to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities allows a malicious actor to inject arbitrary Web or HTML code using a specially created name for the...

markdown-it and NodeBB HTML Injection Vulnerabilities

markdown-it is a parser product. NodeBB is a forum system developed by the Design Create Play team and built using Node.js, a web application platform built on top of Google's V8 JavaScript engine. An HTML injection vulnerability exists in markdown-it versions prior to 4.1.0 and NodeBB versions...

TheHostingTool HTML Injection Vulnerability

TheHostingTool is a set of open source free PHP-based hosting applications. TheHostingTool suffers from an HTML injection vulnerability. An attacker can exploit the vulnerability to execute arbitrary HTML or JavaScript code in the context of an affected site...

Belkin N150 Wireless Home Router HTML Injection Vulnerability

Belkin N150 Wireless Home is a wireless router product from Belkin USA. An HTML injection vulnerability exists in the Belkin N150 Wireless Home Router, which can be exploited by an attacker to execute arbitrary HTML...

Let's PHP! p++BBS HTML Injection Vulnerability

Let's PHP! p++BBS is a bulletin board system. Let's PHP! p++BBS suffers from an HTML injection vulnerability that can be exploited by remote attackers to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user sessions when malicious data is viewed...

Cisco Firepower 9000 Series Switches HTML Injection Vulnerability

Cisco Firepower 9000 Series Switches are Cisco 9000 series switch products. An HTML injection vulnerability exists in Cisco Firepower 9000 Series Switches. This vulnerability allows remote attackers to execute arbitrary HTML or script code in the context of an affected browser to steal cookie-bas...

The vulnerability of Google Chrome browser allows a hacker to execute arbitrary code.

The vulnerability of Google Chrome’s browser, based on cross-site scripting, allows a malicious actor to inject arbitrary HTML code by creating special pointers to the “Browser Favorites” element...

NetCat.ru NetCat CMS HTML Injection Vulnerability

NetCat.ru NetCat CMS is a content management system. An HTML injection vulnerability exists in NetCat.ru NetCat CMS, which allows remote attackers to exploit the vulnerability by submitting a special request for an HTML injection attack...

Barracuda Networks IM Firewall HTML Injection Vulnerability

Barracuda Networks IM Firewall is an instant messaging solution from Barracuda Networks that integrates an IM server, client management and security measures. The solution provides keyword identification and reporting, file transfer, IM traffic identification and logging. An HTML injection...

Barracuda Networks Web Application Firewall 660 HTML Injection Vulnerability

Barracuda Networks Web Application Firewall 660 is a web application firewall from Barracuda Networks. An HTML injection vulnerability exists in the cgi-mod/index.cgi file in the Barracuda Networks Web Application Firewall 660. When a user browses the affected site, their browser will execute...

CreA8social 'Add Game' Field HTML Injection Vulnerability

CreA8social is a social networking platform. An HTML injection vulnerability exists in the CreA8social 'Add Game' field, where attacker-supplied HTML or JavaScript code can run on the affected site. This allows an attacker to steal cookie-based authentication credentials and control the content...

Multiple HTML Injection Vulnerabilities in MyBB

MyBB is a popular forum program. MyBB suffers from multiple HTML injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can execute the provided HTML and script code in the context of the affected site...