374 matches found
Bug Finder ICOGenie 跨站脚本漏洞
Bug Finder ICOGenie is a powerful and versatile script from Bug Finder, Inc. designed to easily launch and manage successful token products. A cross-site scripting vulnerability exists in Bug Finder ICOGenie version 1.0, which stems from the presence of unknown code in the file /user/ticket/creat...
Bug Finder EX-RATE 跨站脚本漏洞
Bug Finder EX-RATE is a currency exchange solution from Bug Finder, Inc. A cross-site scripting vulnerability exists in Bug Finder EX-RATE version 1.0, which stems from some unknown processing in the file /user/ticket/create in the component Ticket Handler, leading to cross-site scripting via the...
Bug Finder Wedding Wonders 跨站脚本漏洞
Bug Finder Wedding Wonders is a matchmaking and marriage platform from Bug Finder, Inc. A cross-site scripting vulnerability exists in Bug Finder Wedding Wonders version 1.0, which stems from some unknown processing in the file /user/ticket/create in the component Ticket Handler, leading to...
Bug Finder Montage 跨站脚本漏洞
Bug Finder Montage is a complete web platform for hotel/resort booking and property sales solutions from Bug Finder, Inc. A cross-site scripting vulnerability exists in Bug Finder Montage version 1.0, which stems from some unknown processing in the file /user/ticket/create in the component Ticket...
Bug Finder MineStack 跨站脚本漏洞
Bug Finder MineStack is a digital mining platform from Bug Finder, Inc. A cross-site scripting vulnerability exists in Bug Finder MineStack version 1.0, which stems from some unknown processing in the file /user/ticket/create in the component Ticket Handler, leading to cross-site scripting via th...
PT-2023-26364 · Unknown · Bug Finder Montage
Name of the Vulnerable Software and Affected Versions: Bug Finder Montage version 1.0 Description: A vulnerability was found in the Ticket Handler component, specifically in the unknown functionality of the file /user/ticket/create. The manipulation of the message argument leads to cross-site...
PT-2023-26340 · Unknown · Bug Finder Listplace Directory Listing Platform
Name of the Vulnerable Software and Affected Versions: Bug Finder Listplace Directory Listing Platform version 3.0 Description: A vulnerability was found in the HTTP POST Request Handler component, specifically affecting some unknown functionality of the file /listplace/user/ticket/create. The...
Bug Finder Listplace 跨站脚本漏洞
Bug Finder Listplace is a powerful directory listing platform from Bug Finder, Inc. A cross-site scripting vulnerability exists in Bug Finder Listplace Directory Listing Platform version 3.0, which stems from an unknown function in the file /listplace/user/ticket/create in the component's HTTP PO...
PT-2023-26014 · Creativeitem · Ekushey Project Manager Crm
Name of the Vulnerable Software and Affected Versions: Creativeitem Ekushey Project Manager CRM version 5.0 Description: A problematic vulnerability was found in the software, affecting an unknown function of the file /index.php/client/message/message read/xxxxxxxxrandom-msg-hash. The manipulatio...
Creativeitem Ekushey Project Manager CRM 跨站脚本漏洞
Creativeitem Ekushey Project Manager CRM is a project management application from Creativeitem Bangladesh. A cross-site scripting vulnerability exists in Creativeitem Ekushey Project Manager CRM version 5.0, which stems from a cross-site scripting XSS vulnerability in the parameter message...
CVE-2023-30453
The Teamlead Reminder plugin through 2.6.5 for Jira allows persistent XSS via the message parameter...
Cross site scripting
The Teamlead Reminder plugin through 2.6.5 for Jira allows persistent XSS via the message parameter...
Atlassian Jira Teamlead Reminder plugin 跨站脚本漏洞
Teamlead Reminder is a plugin from Teamlead, Inc. A security vulnerability exists in Atlassian Jira Teamlead Reminder plugin version 2.6.5, which originates from a stored cross-site scripting attack via the message parameter...
CVE-2023-2922
A vulnerability classified as problematic has been found in SourceCodester Comment System 1.0. Affected is an unknown function of the file index.php of the component GET Parameter Handler. The manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack...
SourceCodester Comment System 跨站脚本漏洞
Plohni Advanced Comment System is a comment system by Plohni Individual Developers. A cross-site scripting vulnerability exists in SourceCodester Comment System version 1.0 due to an unknown function in the file index.php in the component GET Parameter Handler, which could lead to cross-site...
Lost and Found Information System 跨站脚本漏洞
Lost and Found Information System is a lost and found information system by the individual developer of oretnom23. A cross-site scripting vulnerability exists in Lost and Found Information System version 1.0, which stems from the fact that incorrect manipulation of the parameters...
PT-2023-23367 · Unknown · Prestashop
Name of the Vulnerable Software and Affected Versions: PrestaShop version 1.7.7.4 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the message parameter in "/contactform/contactform.php". Recommendations: F...
CVE-2023-1806
The WP Inventory Manager WordPress plugin before 2.1.0.12 does not sanitise and escape the message parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...
CVE-2023-1806 WP Inventory Manager < 2.1.0.12 - Reflected XSS
The WP Inventory Manager WordPress plugin before 2.1.0.12 does not sanitise and escape the message parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...
eslint-detailed-reporter 跨站脚本漏洞
eslint-detailed-reporter is a detailed HTML reporting program for ESLINT by the individual developer Marcelo Sauerbrunn Portugal. A cross-site scripting vulnerability exists in eslint-detailed-reporter prior to version 0.9.0, which stems from a security issue in the function renderIssue in the...