96 matches found
CVE-2020-18022
Cross Site Scripting XSS in Qibosoft QiboCMS v7 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information by injecting arbitrary commands in a HTTP request to the "ewebeditor\3.1.1\kindeditor.js" component...
CVE-2020-18022
CVE-2020-18022 affects Qibosoft QiboCMS v7 and earlier via a flaw in the embedded editor component (ewebeditor 3.1.1 / kindeditor.js). The vulnerability allows remote attackers to inject commands through HTTP requests, enabling Cross Site Scripting (XSS) that can lead to arbitrary code execution ...
XSS Vulnerability in KindEditor Editor
KindEditor is a powerful free HTML editor. KindEditor editor has an XSS vulnerability that can be exploited by attackers to obtain user cookie information...
KindEditor is vulnerable to XSS
KindEditor is a set of open source online HTML editor . KindEditor has an XSS vulnerability that can be exploited by attackers to obtain user cookie information...
Directory Traversal Vulnerability in KindEditor Editor
KindEditor is a set of open source online HTML editor . A directory traversal vulnerability exists in the KindEditor editor. An attacker can exploit this vulnerability to obtain sensitive information...
CVE-2019-7543
In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting XSS vulnerability...
Cross site scripting
In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting XSS vulnerability...
CVE-2019-7543
In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting XSS vulnerability...
CVE-2019-7543
KindEditor 4.1.11 is affected by a reflected XSS via the php/demo.php content1 parameter. The vulnerability allows an attacker to inject JavaScript that executes in the victim’s browser, potentially leading to session hijacking, defacement, or theft of sensitive information. Root cause: improper ...
CVE-2019-7543
In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting XSS vulnerability...
Directory Traversal
kindeditor is vulnerable to directory traversal attacks. The vulnerability exists in php/uploadjson.php where directory information can be listed in the kindeditor/attached/ folder via the path parameter...
Path traversal
KindEditor through 4.1.11 has a path traversal vulnerability in php/uploadjson.php. Anyone can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication...
CVE-2018-18950
KindEditor through 4.1.11 has a path traversal vulnerability in php/uploadjson.php. Anyone can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication...
CVE-2018-18950
KindEditor through 4.1.11 has a path traversal vulnerability in php/uploadjson.php. Anyone can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication...
CVE-2018-18950
KindEditor prior to 4.1.11 is affected by a path traversal vulnerability in php/upload_json.php, enabling anyone to browse files/directories under kindeditor/attached/ via the path parameter without authentication. This is a unauthenticated information disclosure/vulnerability that can expose pri...
CVE-2018-18950
KindEditor through 4.1.11 has a path traversal vulnerability in php/uploadjson.php. Anyone can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication...
Remote File Upload
kindeditor is vulnerable to remote file upload. The library does not check whether a user has the permission to upload files to the system, allowing a malicious user to upload an arbitrary file to the system through a POST request to the php/uploadjson.php file...
KindEditor cross-site scripting vulnerability
No description provided by source...
KindEditor is vulnerable to XSS
KindEditor is a set of open source HTML visual editor , mainly used to allow users to get WYSIWYG editing effect on the site , compatible with IE, Firefox, Chrome, Safari, Opera and other major browsers . KindEditor has an XSS vulnerability. An attacker can exploit the vulnerability by uploading...
Reflective Cross-Site Scripting Vulnerability in Kindeditor
KindEditor is a set of open source online HTML editor . Kindeditor suffers from a reflective cross-site scripting vulnerability. Allows an attacker to construct XSS statements , pop-up box operation , to obtain user cookies and other information...