DragonByte Technologies vbActivity for vBulletin Cross-Site Scripting Vulnerability

DragonByte Technologies vbActivity for vBulletin is a module with polling and rating functionality for vBulletin, an open source commercial web forum program from DragonByte Technologies, Scotland. A cross-site scripting vulnerability exists in DragonByte Technologies vbActivity for vBulletin...

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability (CNVD-2018-01388)

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A cross-site scripting...

Microsoft SharePoint Enterprise Server Cross-Site Scripting Vulnerability

Microsoft SharePoint Enterprise Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enables you to share work, collaborate with others, organize projects and workgroups, and search for people and information. A...

Celartem Extensis Portfolio NetPublish Cross-Site Scripting Vulnerability

Celartem Extensis Portfolio NetPublish is a digital asset management software from Celartem Japan. A cross-site scripting vulnerability exists in Celartem Extensis Portfolio NetPublish. A remote attacker can inject arbitrary web script or HTML by sending the 'quickfind' parameter to the...

PHP Scripts Mall Responsive Realestate Script Cross-Site Scripting Vulnerability

Responsive Realestate Script is a script for building real estate websites. A cross-site scripting vulnerability exists in PHP Scripts Mall Responsive Realestate Script. A remote attacker can inject arbitrary web script or HTML by sending the 'gplus' parameter to the admin/general.php file...

IBM Business Process Manager Cross-Site Scripting Vulnerability

IBM Business Process Manager BPM is a comprehensive set of business process management platform from IBM in the United States. The platform provides a range of tools related to process modeling, assembly, monitoring and deployment for business. A cross-site scripting vulnerability exists in IBM...

CVE-2017-17719

A cross-site scripting XSS vulnerability in the wp-concours plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the resultmessage parameter to includes/concourspage.php...

CVE-2017-17753

Multiple cross-site scripting XSS vulnerabilities in the esb-csv-import-export plugin through 1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 cietype, 2 cieimport, 3 cieupdate, or 4 cieignore parameter to includes/admin/views/esb-cie-import-export-page.ph...

UrBackup Server Cross-Site Scripting Vulnerability

UrBackup is an easy to install open source client/server backup system . A cross-site scripting vulnerability exists in UrBackup Server before 2.1.20. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the action parameter...

Posty Scubez Posty Readymade Classifieds Cross-Site Scripting Vulnerability

Posty Scubez Posty Readymade Classifieds is a suite of announcement-based website scripts from Posty India. A cross-site scripting vulnerability exists in Posty Scubez Posty Readymade Classifieds. A remote attacker can inject arbitrary web script or HTML by sending the 'ID' parameter to the...

TIBCO BusinessWorks Process Monitor Integration Matters nJAMS Cross-Site Scripting Vulnerability

TIBCO BusinessWorks Process Monitor is a process monitor for the BusinessWorks platform from TIBCO Software, Inc. Integration Matters nJAMS is one of the business process monitoring components used in it. A cross-site scripting vulnerability exists in TIBCO BusinessWorks Process Monitor 3.0.1.3 a...

Foreman cross-site scripting vulnerability (CNVD-2017-35447)

Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A cross-site scripting vulnerability exists in the Facts, Trends, and Statistics pages in Foreman. A...

Arris TG1682G Device Cross-Site Scripting Vulnerability

The Arris TG1682G devices is a Modem modem router all-in-one device from the Arris Group of companies in the U.S.A. The Comcast TG16822.0s7PRODse is a set of firmware developed by Comcast in the U.S.A. that is used in it. A cross-site scripting vulnerability exists in Arris TG1682G devices using...

MyBB installer cross-site scripting vulnerability

MyBB aka MyBulletinBoard is a free and web-based forum software developed by the MyBB team using PHP and MySQL. The software is easy to use, supports multiple languages, and is extensible. installer is one of the installers. A cross-site scripting vulnerability exists in the installer in MyBB...

Fortinet FortiOS Cross-Site Scripting Vulnerability (CNVD-2017-33750)

Fortinet FortiOS is a set of security operating system developed by the U.S. Fiat Fortinet dedicated to the FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering and anti-spam and other security features. A cross-site scripti...

Catalyst Mahara Cross-Site Scripting Vulnerability (CNVD-2017-36225)

Catalyst Mahara is a social networking system from Catalyst IT in New Zealand. The system includes a blog, resume builder, file manager, and more. A cross-site scripting vulnerability exists in Catalyst Mahara versions 1.10 before 1.10.0 and 15.04 before 15.04.0. A remote attacker could exploit...

IBM Business Process Manager Cross-Site Scripting Vulnerability (CNVD-2017-34194)

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise are both products of IBM Corporation of the U.S.A. IBM Cloud Orchestrator is a suite of solutions that provides cloud management for IT services and accelerates the delivery of software and infrastructure.IBM Cloud IBM Cloud Orchestrato...

WordPress user-login-history plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers. user-login-history plugin is one of the user login tracking plugin. A cross-site scripting vulnerability exists in...

Fortinet FortiOS Cross-Site Scripting Vulnerability (CNVD-2017-36080)

Fortinet FortiOS is a set of security operating system developed by the U.S. Fiat Fortinet company dedicated to FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering and anti-spam and other security features. A cross-site...

Redmine cross-site scripting vulnerability (CNVD-2017-31961)

Redmine is a set of open source Web-based project management and defect tracking tools . The tool provides project management , issue tracking and role-based access control and other features . A cross-site scripting vulnerability exists in the Textile and Markdown text formatting and project hom...