ILIAS Cross-Site Scripting Vulnerability (CNVD-2018-10349)

ILIAS is a Web-based learning management system developed by the ILIAS team. The system contains modules for course management, file sharing, and live chat. A cross-site scripting vulnerability exists in the error.php page in versions 5.3.x prior to ILIAS 5.3.4 and 5.2.x. A remote attacker can...

CVE-2018-0578

Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2018-0581

Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version prior to 3.0.0.4.378.9383 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2018-0579

Cross-site scripting vulnerability in Open Graph for Facebook, Google+ and Twitter Card Tags plugin prior to version 2.2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2018-0577

Cross-site scripting vulnerability in WP Google Map Plugin prior to version 4.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2018-0576

Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Drupal CKEditor Enhanced Image plugin cross-site scripting vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.CKEditor is one of the text editors.Enhanced Image aka image2 is one of the image enhancement plugins. A cross-site scripting vulnerability exists in the Enhanced Image plugin in Drupal...

Cisco WebEx Connect IM Cross-Site Scripting Vulnerability

Cisco WebEx Connect is the United States Cisco Cisco a simultaneous instant messaging, IP telephony, voice, video and web conferencing features such as client software. im is one of the instant messaging component. A cross-site scripting vulnerability exists in Cisco WebEx Connect IM, which stems...

Puppet Enterprise Console Cross-Site Scripting Vulnerability (CNVD-2018-09252)

Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the U.S. It can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is its enterprise version.Puppet Enterprise Console is one of t...

Puppet Enterprise Console Cross-Site Scripting Vulnerability (CNVD-2018-09253)

Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the U.S. It can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is its enterprise version.Puppet Enterprise Console is one of t...

CVE-2018-0711

Cross-site scripting XSS vulnerability in QNAP QTS 4.3.3 build 20180126, QTS 4.3.4 build 20180315, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML...

DiliCMS Cross-Site Scripting Vulnerability

DiliCMS aka DiligentCMS is a content management system CMS based on Codelgniter. A cross-site scripting vulnerability exists in the System Settings - Site Settings filing number field of the admin/index.php file in DiliCMS version 2.4.0. A remote attacker can exploit this vulnerability to inject...

CVE-2017-13073

Cross-site scripting XSS vulnerability in QNAP NAS application Photo Station versions 5.2.7, 5.4.3, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML...

UBUNTU-CVE-2018-9861

Cross-site scripting XSS vulnerability in the Enhanced Image aka image2 plugin for CKEditor in versions 4.5.10 through 4.9.1; fixed in 4.9.2, as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, allows remote attackers to inject arbitrary web script through a crafted IMG...

Fastspot BigTree Cross-Site Scripting Vulnerability (CNVD-2018-08553)

Fastspot BigTree is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A cross-site scripting vulnerability exists in the /core/inc/lib/less.php/test/index.php file in Fastspot BigTree version 4.2.22. A remote attacker can exploit this vulnerabili...

QNAP Cross-Site Scripting Vulnerability

QNAPS is a set of network storage devices from QNAP Systems, Inc. for home, SOHO, and SMB users. QNAPS is a network storage device for home, SOHO, and SMB users, and File Station is one of the file management applications. A cross-site scripting vulnerability exists in the shared links feature of...

WordPress Cross-Site Scripting Vulnerability (CNVD-2018-08609)

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the generator tag in WordPress versions prior to 4.9.5, which...

Cross site scripting

Cross-site scripting XSS vulnerability in Open-AudIT Professional 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the Admin-Logs section with a logs?logs.type= URI and the Manage-Attributes section via the "Name display"...

Dolibarr ERP/CRM Cross-Site Scripting Vulnerability (CNVD-2018-08335)

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A cross-site scripting vulnerability exists in Dolibarr ERP/CR...

Cybozu Garoon Cross-Site Scripting Vulnerability (CNVD-2018-08048)

Cybozu Garoon is a portal-type OA office system of Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, etc. and supports free switching among three languages Chinese, Japanese, and English. A cross-site scripting vulnerability exists in...