e017 CMS Cross-Site Scripting Vulnerability

e017 CMS is a content management system by e017. A cross-site scripting vulnerability exists in e017 CMS version v.2.3.2. An attacker can exploit this vulnerability by executing arbitrary code on the name field in the Manage Menu via a specially crafted script...

PT-2023-29019 · E017 Cms · E017 Cms

Name of the Vulnerable Software and Affected Versions: e017 CMS version 2.3.2 Description: A Cross Site Scripting XSS issue allows a local attacker to execute arbitrary code via a crafted script to the Copyright and Author fields in the Meta & Custom Tags Menu. This enables the attacker to perfor...

CVE-2023-43874

Multiple Cross Site Scripting XSS vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Copyright and Author fields in the Meta & Custom Tags Menu...

PT-2023-29024 · Ritecms · Ritecms

Name of the Vulnerable Software and Affected Versions: Rite CMS version 3.0 Description: The issue allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu. This is a Cross-Site scripting XSS issue. Recommendations: For Rite CMS...

PT-2023-29023 · Ritecms · Ritecms

Name of the Vulnerable Software and Affected Versions: Rite CMS version 3.0 Description: The issue allows attackers to execute arbitrary code via a crafted payload into the Main Menu Items in the Administration Menu. This is a result of Multiple Cross-Site scripting XSS vulnerabilities...

CVE-2023-43878

Rite CMS 3.0 has Multiple Cross-Site scripting XSS vulnerabilities that allow attackers to execute arbitrary code via a crafted payload into the Main Menu Items in the Administration Menu...

September 26, 2023—KB5030310 (OS Build 22621.2361) Preview

September 26, 2023—KB5030310 OS Build 22621.2361 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page. Note Follow @WindowsUpdate ...

CVE-2023-41443

SQL injection vulnerability in Novel-Plus v.4.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /sys/menu/list...

Easy Admin Menu <= 1.3 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

PT-2023-27946 · Unknown · Novel-Plus

Name of the Vulnerable Software and Affected Versions: Novel-Plus version 4.1.0 Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in the "/sys/menu/list" API endpoint. This enables the attacker to inject malicious SQL code,...

Novel-Plus SQL Injection Vulnerability

Novel-Plus is an online social reading and writing platform from Novel-Plus, Inc. A security vulnerability exists in Novel-Plus version v.4.1.0 that originates from a vulnerability that allows remote attackers to use a crafted script to execute arbitrary code via the sort parameter in...

CVE-2023-5026

A vulnerability classified as problematic has been found in Tongda OA 11.10. Affected is an unknown function of the file /general/ipanel/menucode.php?MENUTYPE=FAV. The manipulation of the argument OASUBWINDOW leads to cross site scripting. It is possible to launch the attack remotely. The exploit...

PT-2023-31514 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA version 11.10 Description: A problematic issue has been found in Tongda OA, affecting an unknown function of the file /general/ipanel/menu code.php?MENU TYPE=FAV. The manipulation of the OA SUB WINDOW argument leads to cross-site...

CVE-2023-41436

Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...

CVE-2023-41436

Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...

Cross site scripting

Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...

CVE-2023-41436

Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...

CSZCMS Cross-Site Scripting Vulnerability

CSZCMS is an open source web application that allows managing all content and settings on a website. A security vulnerability exists in CSZCMS version v.1.3.0, which originates from a cross-site scripting vulnerability in the Additional Meta Tag parameter of the Pages Content Menu component...

CVE-2023-41436

Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter in the Pages Content Menu component...

PT-2023-27680 · Moosocial · Moosocial

Name of the Vulnerable Software and Affected Versions: mooSocial Software versions 3.1.6 through 3.1.7 Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the edit menu, copuon, and group categorias functions. This enables the attacker to perform...