222 matches found
WordPress plugin EventPress 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...
Garmin WDU 安全漏洞
Garmin WDU is a wireless data unit developed by Garmin Corporation, designed for data updates and maintenance of aviation electronic equipment. Versions 1.1.6 and 2.5.0 of Garmin WDU contain security vulnerabilities. These vulnerabilities stem from allowing reflective cross-site scripting attacks...
WordPress plugin Boutique 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...
WordPress plugin Reebox 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...
WordPress plugin Starto 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 跨站脚本漏洞
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are products of Cisco, a US company. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software. Cisco Secure Firewall Threat Defense is an integrated firewall platform. Both...
Omega-PSIR 跨站脚本漏洞
Omega-PSIR is a comprehensive scientific information management system operated by Politechnika Warszawska. Omega-PSIR has a cross-site scripting vulnerability, which stems from the reflective cross-site scripting present in the lang parameter. This vulnerability could allow attackers to execute...
Comodo Dome Firewall 跨站脚本漏洞
Comodo Dome Firewall is a unified threat management and next-generation firewall provided by the Chinese company Comodo. Version 2.7.0 of Comodo Dome Firewall contains a cross-site scripting vulnerability. This vulnerability stems from improper cleaning of the device parameter input in QoS device...
Silicon Labs Simplicity Device Manager Tool 安全漏洞
The Silicon Labs Simplicity Device Manager Tool is a hardware enumeration, configuration, and fault-diagnosis tool developed by Silicon Labs, Inc. The tool has a security vulnerability caused by reflective cross-site scripting in multiple API endpoints. This vulnerability could allow attackers to...
CVE-2025-67855
A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...
Creativeitem Academy LMS 安全漏洞
Creativeitem Academy LMS is an online learning management system provided by the Bangladeshi company Creativeitem. Version 7.0 of Creativeitem Academy LMS contains a security vulnerability. This vulnerability stems from insufficient validation of the string parameters in the /academy/blogs endpoi...
WordPress plugin Netgsm has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. WordPress...
WordPress plugin MemberPress Discord Addon: Cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress Plugin ApusTheme Drone Cross-site Scripting Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin Grand Magazine has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
MedDream PACS Premium security vulnerability
MedDream PACS Premium is an enterprise-level image storage and management server suite developed by MedDream Corporation. Version 7.3.6.870 of MedDream PACS Premium contains a security vulnerability caused by a reflective cross-site scripting vulnerability in the ldapUser function, which may allo...
CVE-2023-49494
DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting XSS vulnerability via the component selectmediapostwangEditor.php...
CVE-2023-49489
Reflective Cross Site Scripting XSS vulnerability in KodExplorer version 4.51, allows attackers to obtain sensitive information and escalate privileges via the APPHOST parameter at config/i18n/en/main.php...
CVE-2023-49490
XunRuiCMS v4.5.5 was discovered to contain a reflective cross-site scripting XSS vulnerability via the component /admin.php...
TechStore 安全漏洞
TechStore is a subscription software platform from TechStore Inc. in the United Arab Emirates. A security vulnerability exists in TechStore version 1.0, which stems from the id parameter not being encoded or cleaned up, which could lead to a reflective cross-site scripting attack...