19 matches found
CVE-2018-25330 Joomla! EkRishta 2.10 Persistent XSS and SQL Injection
Joomla! extension EkRishta 2.10 contains persistent cross-site scripting and SQL injection vulnerabilities that allow attackers to inject malicious code through profile fields and POST parameters. Attackers can inject script payloads in profile information fields like Address that execute when...
CVE-2021-47917
Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading...
CVE-2021-47732
CMSimple 5.2 contains a stored cross-site scripting vulnerability in the Filebrowser External input field that allows attackers to inject malicious JavaScript. Attackers can place unfiltered JavaScript code that executes when users click on Page or Files tabs, enabling persistent script injection...
CVE-2023-53906
projectSend r1605 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript through the custom assets configuration page. Attackers can craft a JavaScript payload in the custom assets section that will execute when other users loa...
EUVD-2023-60224
projectSend r1605 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript through the custom assets configuration page. Attackers can craft a JavaScript payload in the custom assets section that will execute when other users loa...
CVE-2023-53906 ProjectSend r1605 Stored Cross-Site Scripting via Custom Assets Page
projectSend r1605 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript through the custom assets configuration page. Attackers can craft a JavaScript payload in the custom assets section that will execute when other users loa...
PT-2025-51944
Name of the Vulnerable Software and Affected Versions: projectSend version r1605 Description: The software contains a stored cross-site scripting issue. Authenticated administrators can inject malicious JavaScript through the custom assets configuration page. An attacker can create a JavaScript...
PT-2024-30556 · Khoj · Khoj
Name of the Vulnerable Software and Affected Versions: Khoj versions prior to 1.15.0 Description: The Automation feature in Khoj allows users to insert arbitrary HTML inside task instructions, resulting in a Stored XSS. The q parameter for the "/api/automation" endpoint does not get correctly...
CVE-2021-29459
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible to persistently inject scripts in XWiki versions prior to 12.6.3 and 12.8. Unregistered users can fill simple text fields. Registered users can fill in their personal information...
Xwiki Platform Cross-Site Scripting Vulnerability
Xwiki Platform is a wiki platform for creating web collaboration applications from the French company Xwiki. XWiki Platform has a cross-site scripting vulnerability that can be exploited by attackers to persistently inject scripts...
CVE-2020-15536
An issue was discovered in the bestsoftinc Hotel Booking System Pro plugin through 1.1 for WordPress. Persistent XSS can occur via any of the registration fields...
Playable 9.18 Script Insertion / Arbitrary File Upload
Document Title: Playable v9.18 iOS - Multiple Web Vulnerabilities; References Source: https://www.vulnerability-lab.com/getcontent.php?id=2198; Release Date: 2020-04-16; Vulnerability Laboratory ID VL-ID: 2198...
Bugcrowd Persistent Script Injection / Filter Bypass
Document Title: Bugcrowd Bug Bounty 7 - Persistent Web Vulnerability; References Source: http://www.vulnerability-lab.com/getcontent.php?id=1830; ID: b40f63ed19074014df808599e44684f6a18bb6f4f51cf21948ef78df2f56c13b; Release Date: 2016-05-10...
Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability
Document Title: Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability; References Source: http://vulnerability-lab.com/getcontent.php?id=1356; Release Date: 2015-01-14; Vulnerability Laboratory ID VL-ID: 13...
WordPress 3 persistent script injection
OVERVIEW: A security flaw in WordPress 3 allows injection of JavaScript into certain text fields. In particular, the problem affects comment boxes on WordPress posts and pages. These don't require authentication by default. The JavaScript injected into a comment is executed when the targe...
Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities
Title: Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities; Date: 2013-07-13; References: http://www.vulnerability-lab.com/getcontent.php?id=1009; VL-ID: 1009; Common Vulnerability Scoring System: 5.6; Introduction: ...
SonicWall UTM ES WAF - Input Filter Bypass Vulnerability
Document Title: SonicWall UTM ES WAF - Input Filter Bypass Vulnerability; References Source: http://www.vulnerability-lab.com/getcontent.php?id=545; Release Date: 2012-08-12; Vulnerability Laboratory ID VL-ID: 54...
CodeLock Encrypter v2.7 - Multiple Web Vulnerabilities
Document Title: CodeLock Encrypter v2.7 - Multiple Web Vulnerabilities; Release Date: 2011-08-04; Vulnerability Laboratory ID VL-ID: 102; Product & Service Introduction: The PHP/HTML Encryptor & The...
Jira Enterprise 4.0.1 - Multiple Low Risk Vulnerabilities
Jira - Multiple Low Risk Vulnerabilities. Versions Affected: 4.0.1 (other versions were not checked). Info: JIRA provides issue tracking and project tracking for software development teams to improve code quality and the speed of development, and so forth. External Links:...