3946 matches found
CVE-2020-29469
WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Menu component. This vulnerability can allow an attacker to inject the XSS payload in the Setting - Menu and each time any user will visits the website directory, the XSS triggers and attacker can steal the cookie according to the...
CVE-2020-29469
WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Menu component. This vulnerability can allow an attacker to inject the XSS payload in the Setting - Menu and each time any user will visits the website directory, the XSS triggers and attacker can steal the cookie according to the...
Cross site scripting
WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Menu component. This vulnerability can allow an attacker to inject the XSS payload in the Setting - Menu and each time any user will visits the website directory, the XSS triggers and attacker can steal the cookie according to the...
CVE-2020-29469
WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Menu component. This vulnerability can allow an attacker to inject the XSS payload in the Setting - Menu and each time any user will visits the website directory, the XSS triggers and attacker can steal the cookie according to the...
CVE-2020-29469
CVE-2020-29469 affects WonderCMS 3.1.3 with a cross-site scripting (XSS) flaw in the Menu component. The vulnerability lets an attacker inject arbitrary scripts via the Menu settings, which are then executed when users visit the site directory, enabling cookie theft per the documented payload exa...
WonderCMS 跨站脚本漏洞
WonderCMS is an open source, fast, small and simple flat file cms. A cross-site scripting vulnerability exists in the Menu component in WonderCMS 3.1.3. An attacker can exploit this vulnerability to steal cookies...
CVE-2020-9439
Multiple cross-site scripting XSS vulnerabilities in Uncanny Owl Tin Canny LearnDash Reporting before 3.4.4 allows authenticated remote attackers to inject arbitrary web script or HTML via the searchkey GET Parameter in TinCanContentListTable.php, message GET Parameter in licensing.php,...
Flexmonster Pivot Table & Charts 2.7.17 - 'To remote CSV' Reflected XSS
Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'To remote CSV' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version:Flexmonster Pivot Table & Charts 2.7.17 Tested on:Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20142...
Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS
Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version:Flexmonster Pivot Table & Charts 2.7.17 Tested on:Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20141 Cross...
Academy-LMS 4.3 - Stored XSS
Exploit Title: Academy-LMS 4.3 - Stored XSS Date: 19/12/2020 Vendor page: https://academy-lms.com/ Version: 4.3 Tested on Win10 and Google Chrome Exploit Author: Vinicius Alves XSS Payload: 1 Access LMS and log in to admin panel 2 Access courses page 3 Open course manager and SEO menu 4 Paste the...
CVE-2020-20141
Cross Site Scripting XSS vulnerability in the To OLAP XMLA component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2020-20140
Cross Site Scripting XSS vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2020-20139
Cross Site Scripting XSS vulnerability in the Remote JSON component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2020-20142
Cross Site Scripting XSS vulnerability in the "To Remote CSV" component under "Open" Menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2020-20142
Cross Site Scripting XSS vulnerability in the "To Remote CSV" component under "Open" Menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2020-20141
Cross Site Scripting XSS vulnerability in the To OLAP XMLA component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...
Cross site scripting
Cross Site Scripting XSS vulnerability in the To OLAP XMLA component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2020-20139
CVE-2020-20139 is a reflected XSS vulnerability in Flexmonster Pivot Table & Charts 2.7.17, affecting the Remote JSON component under the Connect menu. The root cause is insufficient input sanitization of the 'path' parameter when fetching file specifications via file_specs.php, enabling potentia...
CVE-2020-20140
Cross Site Scripting XSS vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2020-20141
Cross Site Scripting XSS vulnerability in the To OLAP XMLA component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...