SugarCRM Cross-Site Scripting Vulnerability

SugarCRM Professional is a professional version of an open source customer relationship management system CRM from SugarCRM USA. The system supports differentiated marketing for different customer needs, managing and distributing sales leads, and enabling information sharing and tracking of sales...

Kohana Security Component Cross-Site Scripting Vulnerability

Kohana is the Kohana team developed a set of MVC model based on the construction of PHP5 framework. security component is one of the security components . A cross-site scripting vulnerability exists in the Security component of Kohana versions prior to 3.3.6. A remote attacker can inject arbitrar...

dayrui FineCms 'oauth' function cross-site scripting vulnerability

dayrui FineCms is China Tianrui dayrui program design team released a set of content management system CMS using MVC architecture and PDO database interface development. A cross-site scripting vulnerability exists in the 'oauth' function of the controllers/member/api.php file in version 5.0.11 of...

dayrui FineCms 'checktitle' Function Cross-Site Scripting Vulnerability

dayrui FineCms is China Tianrui dayrui program design team released a set of content management system CMS using MVC architecture and PDO database interface development. A cross-site scripting vulnerability exists in the 'checktitle' function in the controllers/member/api.php file in version 5.0....

dayrui FineCms 'out' function cross-site scripting vulnerability

dayrui FineCms is China Tianrui dayrui program design team released a set of content management system CMS using MVC architecture and PDO database interface development. A cross-site scripting vulnerability exists in the 'out' function of the controllers/member/Login.php file in version 5.0.11 of...

ForgeRock OpenIDM Admin UI Cross-Site Scripting Vulnerability

ForgeRock OpenIDM is an extensible set of identity management tools for managing the identity lifecycle and provisioning issues from ForgeRock, Inc. The Admin UI is one of the backend management interfaces. orgeRock OpenID Admin UI is vulnerable to a cross-site scripting vulnerability. A remote...

ONOS Cross-Site Scripting Vulnerability

ONOS is an open source SDN network operating system. A cross-site scripting vulnerability exists in ONOS versions 1.8.0, 1.9.0, and 1.10.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

Paessler PRTG Network Monitor Cross-Site Scripting Vulnerability

Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler AG, Germany. A cross-site scripting vulnerability exists in the DEVICES OR SENSORS feature in versions prior to Paessler PRTG Network Monitor 17.3.33.2654. A remote attacker can exploit this...

MISP Cross-Site Scripting Vulnerability

MISP is a suite of open source software solutions for collecting, storing, distributing and sharing cybersecurity metrics and threats cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in the app/View/Helper/CommandHelper.php file in versions of MISP...

CVE-2017-9816

Cross-site scripting XSS vulnerability in Paessler PRTG Network Monitor before 17.2.32.2279 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2017-6776

A vulnerability in the web framework of Cisco Elastic Services Controller ESC could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface. The vulnerability is due to insufficient validation of user-supplied input by the affecte...

Cisco AnyConnect Secure Mobility Client Software Cross-Site Scripting Vulnerability

The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. Cisco AnyConnect Secure Mobility Client suffers from a cross-site scripting vulnerability in the WebLaunch feature, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code...

Synology Video Station Cross-Site Scripting Vulnerability

Synology Video Station is a video manager from Synology.Video Metadata Editor is one of the video metadata editors. A cross-site scripting vulnerability exists in Video Metadata Editor in Synology Video Station versions prior to 2.3.0-1435. A remote attacker can exploit the vulnerability to injec...

Liferay Portal CE Cross-Site Scripting Vulnerability (NVD-C-2017-97626)

Liferay Portal is a J2EE-based portal solution from Liferay, Inc. The solution uses EJB as well as JMS and other technologies , and can be used as a Web publishing and sharing workspaces , enterprise collaboration platforms , social networks and so on. A cross-site scripting vulnerability exists ...

Pegasystem PEGA Platform Cross-Site Scripting Vulnerability

Pegasystem PEGA Platform is a suite of application development platforms from Pegasystem UK. The platform is used to develop applications for BPM Business Process Management, Case Management, Real Time Decision Making and CRM Customer Relationship Management. A cross-site scripting vulnerability...

CVE-2017-2285

Cross-site scripting vulnerability in Simple Custom CSS and JS prior to version 3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

MODX Revolution System Settings Module Cross-Site Scripting Vulnerability

MODX Revolution is the United States MODX company's set of PHP-based open source content management system CMS. The system supports online collaboration , search engine optimization SEO, add-ons , etc. System Settings module is one of the system settings module . A cross-site scripting...

WordPress Etoile Ultimate Product Catalog Plugin Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports personal blog sites on PHP and MySQL servers.WordPress Etoile Ultimate Product Catalog is a product catalog editing and management component. Product Manually is a component for...

Rocket.Chat Cross-Site Scripting Vulnerability

Rocket.Chat is an open source built in JavaScript using the Meteor fullstack framework developed by the Web chat server . A cross-site scripting vulnerability exists in the markdown link parsing code used for messages in Rocket.Chat. A remote attacker can exploit this vulnerability to inject...

NetComm Wireless 4GT101W Router Cross-Site Scripting Vulnerability

NetComm Wireless 4GT101W routers is a wireless router product from NetComm Wireless Australia. A cross-site scripting vulnerability exists in NetComm Wireless 4GT101W routers running hardware version 0.01/software version V1.1.8.8/bootloader version 1.1.3. A remote attacker can exploit this...