CVE-2017-20057 Elefant CMS Persistent cross site scriting

A vulnerability classified as problematic has been found in Elefant CMS 1.3.12-RC. Affected is an unknown function. The manipulation of the argument username leads to basic cross site scripting Persistent. It is possible to launch the attack remotely. Upgrading to version 1.3.13 is able to addres...

CVE-2022-29438

Authenticated author or higher user role Persistent Cross-Site Scripting XSS vulnerability in Image Slider by NextCode plugin = 1.1.2 at WordPress...

CVE-2022-29438

CVE-2022-29438 affects the WordPress plugin Image Slider by NextCode (versions

SUSE SLES15 Security Update : 389-ds (SUSE-SU-2022:2081-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2081-1 advisory. - A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send ...

CVE-2021-40678

In Piwigo 11.5.0, there exists a persistent cross-site scripting in the single mode function through /admin.php?page=batchmanager&mode=unit...

CVE-2021-40678

CVE-2021-40678 concerns Piwigo 11.5.0, where a persistent cross-site scripting (XSS) vulnerability exists in the single mode function via the URL path /admin.php?page=batch_manager&mode=unit. The connected documents consistently describe it as a client-side JavaScript execution risk reachable thr...

CVE-2017-20043 Navetti PricePoint Persistent cross site scriting

A vulnerability was found in Navetti PricePoint 4.6.0.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting Persistent. The attack may be launched remotely. Upgrading to version 4.7.0.0 is able to address this...

CVE-2017-20043 Navetti PricePoint Persistent cross site scriting

A vulnerability was found in Navetti PricePoint 4.6.0.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting Persistent. The attack may be launched remotely. Upgrading to version 4.7.0.0 is able to address this...

Malicious code in dashboard-modules (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2616bed5786e244ce809de0caa8e23eb8d4725566cdad7f1d4d8f5f85a5f9286 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

phpList <= 3.2.6 Multiple Vulnerabilities

phpList is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phplist:phplist"; if description...

CVE-2018-25039

A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/RgUrlBlock.asp. The manipulation of the argument BasicParentalNewKeyword with the input alert1 as part of POST Request leads to cross site...

Cross site scripting

A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/RgUrlBlock.asp. The manipulation of the argument BasicParentalNewKeyword with the input alert1 as part of POST Request leads to cross site...

CVE-2018-25039 Thomson TCW710 RgUrlBlock.asp Persistent cross site scriting

A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/RgUrlBlock.asp. The manipulation of the argument BasicParentalNewKeyword with the input alert1 as part of POST Request leads to cross site...

CVE-2018-25039 Thomson TCW710 RgUrlBlock.asp Persistent cross site scriting

A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/RgUrlBlock.asp. The manipulation of the argument BasicParentalNewKeyword with the input alert1 as part of POST Request leads to cross site...

CVE-2018-25038 Thomson TCW710 RgDhcp Persistent cross site scriting

A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been classified as problematic. This affects an unknown part of the file /goform/RgDhcp. The manipulation of the argument PppUserName with the input alert1 as part of POST Request leads to cross site scripting Persistent. It is possib...

CVE-2018-25038 Thomson TCW710 RgDhcp Persistent cross site scriting

A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been classified as problematic. This affects an unknown part of the file /goform/RgDhcp. The manipulation of the argument PppUserName with the input alert1 as part of POST Request leads to cross site scripting Persistent. It is possib...

CVE-2018-25036 Thomson TCW710 RgTime Persistent cross site scriting

A vulnerability has been found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/RgTime. The manipulation of the argument TimeServer1/TimeServer2/TimeServer3 with the input alert1 as part of POST Request lead...

CVE-2018-25036

Thomson TCW710 ST5D.10.05 is affected by CVE-2018-25036 due to an unknown-functionality issue in /goform/RgTime. The vulnerability enables persistent cross-site scripting (XSS) via crafted POST input on TimeServer1/TimeServer2/TimeServer3 (e.g., &gt;). The attack can be launched remotely and the ...

CVE-2018-25035 Thomson TCW710 RGFirewallEL Persistent cross site scriting

A vulnerability, which was classified as problematic, was found in Thomson TCW710 ST5D.10.05. Affected is an unknown function of the file /goform/RGFirewallEL. The manipulation of the argument EmailAddress/SmtpServerName with the input alert1 as part of POST Request leads to cross site scripting...

CVE-2018-25034 Thomson TCW710 wlanPrimaryNetwork Persistent cross site scripting

A vulnerability, which was classified as problematic, has been found in Thomson TCW710 ST5D.10.05. This issue affects some unknown processing of the file /goform/wlanPrimaryNetwork. The manipulation of the argument ServiceSetIdentifier with the input alert1 as part of POST Request leads to basic...