318 matches found
Linux Distros Unpatched Vulnerability : CVE-2013-4492
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in exceptions.rb in the i18n gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary web script or HTML via...
The vulnerability of the /vb.htm component in the wireless IP camera software of D-Link DCS-6010L allows a attacker to execute XSS attacks.
The vulnerability of the /vb.htm component in the microprogramming software of the D-Link DCS-6010L wireless IP camera is related to the lack of measures taken to protect the website structure when processing the paratest parameter. Exploiting this vulnerability allows a malicious actor to carry...
The vulnerability of the “Import from XML and YML” plugin exists due to the lack of protective measures for website structure. This allows attackers to execute XSS attacks.
The vulnerability of the “Import from XML, and YML” plugin exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
CVE-2021-29210
A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4; HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380...
CVE-2021-29207
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4; HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H versions: Pri...
CVE-2021-29211
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4; HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H versions: Pri...
CVE-2021-26682
A remote reflected cross-site scripting XSS vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the guest portal interface of ClearPass could allow a remote attacker to conduct a reflected cross-site scripting XSS atta...
CVE-2021-29205
A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4; HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H versions: Pri...
CVE-2025-3592
A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/v1/link/edit. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-2490 Dromara ujcms File Upload WebFileUploadController.java upload cross site scripting
A vulnerability was found in Dromara ujcms 9.7.5. It has been rated as problematic. Affected by this issue is the function uploadZip/upload of the file /main/java/com/ujcms/cms/ext/web/backendapi/WebFileUploadController.java of the component File Upload. The manipulation leads to cross site...
CVE-2025-0971
A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Account/EditProfile of the component Profile Editing. The manipulation of the argument username leads to cross site scripting. The attac...
CVE-2025-0794
A vulnerability was found in ESAFENET CDG V5 and classified as problematic. Affected by this issue is some unknown functionality of the file /todoDetail.jsp. The manipulation of the argument curpage leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed...
CVE-2025-0228
A vulnerability has been found in code-projects Local Storage Todo App 1.0 and classified as problematic. This vulnerability affects unknown code of the file /js-todo-app/index.html. The manipulation of the argument Add leads to cross site scripting. The attack can be initiated remotely. The...
CVE-2024-12933
A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file updateItemController.php. The manipulation of the argument pname/pdesc leads to cross site scripting. The attack may be launched...
The vulnerability of the QuLog Center software platform for managing QNAP NAS devices lies in the lack of security measures to protect the website structure. This allows attackers to carry out XSS attacks.
The vulnerability of the QuLog Center software platform for managing QNAP NAS devices is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
CVE-2024-12892
A vulnerability classified as problematic was found in code-projects Online Exam Mastering System 1.0. Affected by this vulnerability is an unknown functionality of the file /sign.php?q=account.php. The manipulation of the argument name/gender/college leads to cross site scripting. The attack can...
CVE-2024-10755
A vulnerability classified as problematic has been found in PHPGurukul Online Shopping Portal 2.0. Affected is an unknown function of the file /admin/assets/plugins/DataTables/media/unittesting/templates/emptytable.php. The manipulation of the argument scripts leads to cross site scripting. It is...
PT-2024-38839 · Unknown · Sourcecodester Qr Code Bookmark System
Name of the Vulnerable Software and Affected Versions: SourceCodester QR Code Bookmark System version 1.0 Description: A vulnerability was found in the SourceCodester QR Code Bookmark System, affecting the file /endpoint/add-bookmark.php of the component Parameter Handler. The manipulation of the...
CVE-2024-7657
A vulnerability classified as problematic was found in Gila CMS 1.10.9. This vulnerability affects unknown code of the file /cm/updaterows/page?id=2 of the component HTTP POST Request Handler. The manipulation of the argument content leads to cross site scripting. The attack can be initiated...
PT-2024-38488 · Unknown · Sourcecodester File Manager App
Name of the Vulnerable Software and Affected Versions: SourceCodester File Manager App version 1.0 Description: A vulnerability has been found in the SourceCodester File Manager App, affecting an unknown functionality of the component Add File Handler. The manipulation of the argument File...