NAT32 HTTPD Cross-Site Scripting Vulnerability

NAT32 is a network sharing application. A cross-site scripting vulnerability exists in the NAT32 HTTPD component, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code that can be used to obtain sensitive information or hijack a user session when...

WBCE CMS Cross-Site Scripting Vulnerability (CNVD-2018-02994)

WBCE CMS is an easy-to-use open source content management system based on PHP/MySQL. A cross-site scripting vulnerability exists in WBCE CMS 1.3.1. A remote authenticated administrator can use the "Modify Page" screen to inject arbitrary web script or HTML...

HP UCMDB Foundation Software Cross-Site Scripting Vulnerability

HP UCMDB Foundation Software is able to provide users with bottom-up capabilities that include four parts: infrastructure auto-discovery, data modeling, service mapping definition and service impact analysis. A cross-site scripting vulnerability exists in HP UCMDB Foundation Software, which could...

Coremail Cross-Site Scripting Vulnerability

Coremail mail system is a large-scale enterprise mail system independently developed by the company. A cross-site scripting vulnerability exists in Coremail XT3.0, which allows remote attackers to inject arbitrary Web script or HTML via hyperlinks in document attachments...

WordPress Easy Testimonials Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports in PHP and MySQL servers to set up a personal blog site.WordPress Easy Testimonials is one of the plug-ins that can add information to the sidebar. A cross-site...

CVE-2017-2224

Cross-site scripting vulnerability in Event Calendar WD prior to version 1.0.94 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

WordPress Simple Slideshow Manager Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in Wordpress Simple Slideshow Manager, which can be exploited by remote attackers...

Atlassian JIRA Server Cross-Site Scripting Vulnerability

Atlassian JIRA Server is a defect tracking management system. A cross-site scripting vulnerability exists in Atlassian JIRA Server, which can be exploited by remote attackers to inject malicious script or HTML code to obtain sensitive information or hijack user sessions...

MantisBT Cross-Site Scripting Vulnerability (CNVD-2017-04990)

MantisBT is the MantisBT team of a Web-based open source defect tracking system . MantisBT suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or HTML code that can be used to obtain sensitive information or hijack...

Aternity Web Server Cross-Site Scripting Vulnerability

Aternity webserver is a web server. Aternity suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user sessions when malicious data is viewed...

TYPO3 Static Methods since 2007 Extended Cross-Site Scripting Vulnerability

TYPO3 is a free and open source content management system maintained by the Swiss TYPO3 Association. A cross-site scripting vulnerability in TYPO3 Static Methods since 2007 allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain acce...

Epoch Web Mailing List Cross-Site Scripting Vulnerability

Epoch Web Mailing List is a set of web mailing lists from Epoch Japan. Epoch Web Mailing List suffers from a cross-site scripting vulnerability that can be exploited by remote attackers to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack a user's...

Chamlio LMS Cross-Site Scripting Vulnerability

Chamilo is an open source e-learning and content management system. A cross-site scripting vulnerability exists in Chamilo LMS, which allows remote attackers to inject malicious script code into the client side of the affected application module...

CVE-2015-8807

Cross-site scripting XSS vulnerability in the renderVarInputnumber function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via vectors...

Cisco Application Policy Infrastructure Controller Enterprise Module Cross-Site Scripting Vulnerability

Cisco Application Policy Infrastructure Controller Enterprise is an application policy infrastructure control module. A cross-site scripting vulnerability exists in Cisco Application Policy Infrastructure Controller Enterprise, which allows remote attackers to exploit the vulnerability to inject...

Cisco Fog Director Cross-Site Scripting Vulnerability

Cisco Fog Director is an automated management platform for centralized management of multiple applications running at the network edge. The platform enables control of application settings and lifecycles, and supports access to and monitoring of large-scale IoT deployments. A cross-site scripting...

Multiple Cross-Site Scripting Vulnerabilities in SAP NetWeaver

SAP NetWeaver is a service-oriented, integrated application platform. A cross-site scripting vulnerability exists in SAP NetWeaver, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user...

WordPress Cross-Site Scripting Vulnerability (CNVD-2016-00258)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Software Foundation. WordPress suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to gain...

IBM Connections Cross-Site Scripting Vulnerability (CNVD-2016-00162)

IBM Connections is a suite of social software platforms. The platform provides advanced analytics and real-time data monitoring capabilities and accelerates web collaboration within and outside the organization through IBM SmartCloud services. IBM Connections suffers from a cross-site scripting...

Moodle cross-site scripting vulnerability (CNVD-2015-07728)

Moodle is a free, open source e-learning software platform. Moodle suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user sessions when...