Veritas Data Insight 安全漏洞

Veritas Data Insight is a Veritas solution that classifies, contextualizes, and controls unstructured data. A security vulnerability exists in Veritas Data Insight versions prior to 7.1, which stems from vulnerability to cross-site scripting attacks that allow remote attackers to inject arbitrary...

SUSE CVE-2024-8907

Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML XSS via a crafted set of UI gestures. Chromium security severity: Medium...

VulnCheck KEV: CVE-2009-1872

Multiple cross-site scripting XSS vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to 2 wizards/common/logintowizard.cfm,...

VulnCheck KEV: CVE-2014-4535

Cross-site scripting XSS vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php...

SilverSky E-mail Cross-Site Scripting Vulnerability

SilverSky E-mail is a mailbox service from the US-based SilverSky, Inc. A cross-site scripting vulnerability exists in SilverSky E-mail version 5.0.3126 that could allow a remote attacker to inject arbitrary web script or HTML via the version parameter...

Modern Campus Omni CMS Security Vulnerability

Modern Campus Omni CMS is a web content management system from Modern Campus, Inc. It is used by colleges and universities to manage their websites. A security vulnerability exists in Modern Campus Omni CMS version 2023.1, which stems from a Reflected Cross-Site Scripting XSS vulnerability in the...

CVE-2024-34051

A Reflected Cross-site scripting XSS vulnerability located in htdocs/compta/paiement/card.php of Dolibarr before 19.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into the facid parameter...

CVE-2024-33527

A Stored Cross-site Scripting XSS vulnerability in the "Import of Users and login name of user" feature in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload...

CVE-2024-33528

A Stored Cross-site Scripting XSS vulnerability in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with tutor privileges to inject arbitrary web script or HTML via XML file upload...

Computer Laboratory Management System 安全漏洞

Computer Laboratory Management System is a computer laboratory management system. A security vulnerability exists in Sourcecodester Computer Laboratory Management System version 1.0, which originates from a cross-site scripting vulnerability that allows remote attackers to inject arbitrary web...

VulnCheck KEV: CVE-2020-23814

Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file...

PT-2024-4456 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.20 and earlier Description: The issue is related to insufficient protection of the web page structure, which can be exploited by a remote attacker to execute arbitrary code. A stored Cross-Site Scripting...

Totara LMS Cross-Site Scripting Vulnerability

Totara LMS is a learning management system from Totara. A cross-site scripting vulnerability exists in Totara LMS version 18.0.1 Build 20231128.01, which stems from the fact that admin/roles/check.php in the component Profile Handler contains some unknown functions that lead to cross-site scripti...

CVE-2024-3841

Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to inject scripts or HTML into a privileged page via a malicious file. Chromium security severity: Medium...

CVE-2024-2778

A vulnerability was found in Campcodes Online Marriage Registration System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/search.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be launched...

CVE-2024-22936

Cross-site scripting XSS vulnerability in Parents & Student Portal in Genesis School Management Systems in Genesis AIMS Student Information Systems v.3053 allows remote attackers to inject arbitrary web script or HTML via the message parameter...

CVE-2024-26269

Cross-site scripting XSS vulnerability in the Frontend JS module's portlet.js in Liferay Portal 7.2.0 through 7.4.3.37, and Liferay DXP 7.4 before update 38, 7.3 before update 11, 7.2 before fix pack 20, and older unsupported versions allows remote attackers to inject arbitrary web script or HTML...

Liferay Portal and Liferay DXP Security Vulnerabilities

Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...

Liferay Portal and Liferay DXP Security Vulnerabilities

Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...

Liferay Portal and Liferay DXP Security Vulnerabilities

Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...