3736 matches found
CVE-2021-20689
Cross-site scripting vulnerability in Yomi-Search Ver4.22 allows remote attackers to inject an arbitrary script via unspecified vectors...
CVE-2021-20691
Cross-site scripting vulnerability in Yomi-Search Ver4.22 allows remote attackers to inject an arbitrary script via unspecified vectors...
CVE-2021-20686
Cross-site scripting vulnerability in Kagemai 0.8.8 allows remote attackers to inject an arbitrary script via unspecified vectors...
CVE-2021-20684
Cross-site scripting vulnerability in MagazinegerZ v.1.01 allows remote attackers to inject an arbitrary script via unspecified vectors...
BaserCMS JavaScript Input Improper Neutralization Vulnerability (CNVD-2021-23789)
BaserCMS is an open source enterprise-level content management system cms. A JavaScript Input Improper Neutralization vulnerability exists in the page editing feature in BaserCMS versions prior to 4.4.5. A remote authenticated attacker can exploit this vulnerability to inject arbitrary scripts...
CVE-2021-20628
Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Note that this vulnerability occurs only when using Mozilla Firefox...
Tecnoteca openMAINT 跨站脚本漏洞
Tecnoteca openMAINT is an application from the Italian company Tecnoteca. It is based on the CMDBuild software, from which it inherits basic functionality and configuration mechanisms. A security vulnerability exists in openMAINT 2.1-3.3-b, which can be exploited by remote attackers to inject...
Batflat Cross-Site Scripting Vulnerability (CNVD-2021-18015)
Batflat is a simple, lightweight content management system CMS. A cross-site scripting vulnerability exists in Galleries in Batflat 1.3.6. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via field names...
CVE-2021-27679
Cross-site scripting XSS vulnerability in Navigation in Batflat CMS 1.3.6 allows remote attackers to inject arbitrary web script or HTML via the field name...
CVE-2021-20663
Cross-site scripting vulnerability in in Role authority setting screen of Movable Type 7 r.4705 and earlier Movable Type 7 Series, Movable Type Advanced 7 r.4705 and earlier Movable Type Advanced 7 Series, Movable Type 6.7.5 and earlier Movable Type 6.7 Series, Movable Type Premium 1.39 and...
CVE-2021-20664
Cross-site scripting vulnerability in in Asset registration screen of Movable Type 7 r.4705 and earlier Movable Type 7 Series, Movable Type Advanced 7 r.4705 and earlier Movable Type Advanced 7 Series, Movable Type 6.7.5 and earlier Movable Type 6.7 Series, Movable Type Premium 1.39 and earlier,...
CVE-2020-23518
Cross Site Scripting XSS vulnerability in UltimateKode Neo Billing - Accounting, Invoicing And CRM Software up to version 3.5 which allows remote attackers to inject arbitrary web script or HTML...
CVE-2021-20620
Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors...
Egavilan Media Bakeshop Online Ordering System Cross-Site Scripting Vulnerability
Egavilan Media Bakeshop Online Ordering System is a Javascript-based code repository from Egavilan Media that supports interaction with git repositories. A cross-site scripting vulnerability exists in Bakeshop Online Ordering System that could allow a remote attacker to inject arbitrary web scrip...
WESEEK GROWI cross-site scripting vulnerability (CNVD-2021-16351)
WESEEK GROWI is a suite of team collaboration software from Weseek Japan. A cross-site scripting vulnerability exists in WESEEK GROWI, which can be exploited by a remote attacker to inject arbitrary script via an unspecified vector...
Rocketgenius Gravity Forms Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via imported GF forms...
DEBIAN-CVE-2020-16030
Insufficient data validation in Blink in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...
CVE-2020-27515
A Cross Site Scripting XSS vulnerability in Savsoft Quiz v5.0 allows remote attackers to inject arbitrary web script or HTML via the Skype ID field...
TerraMaster TOS Cross-Site Scripting Vulnerability (CNVD-2020-75161)
TerraMaster TOS is a Linux-based operating system developed for TerraMaster Cloud Storage NAS servers. A cross-site scripting vulnerability exists in TerraMaster TOS 4.2.06 and earlier versions. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the mod...
Xinuos Openserver Cross-Site Scripting Vulnerability
Xinuos Openserver is a FreeBSD-based operating system from the American company Xinuos. Xinuo suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client data in the application parameter section. A remote attacker can exploit this vulnerability by...