CVE-2022-4525

A vulnerability has been found in National Sleep Research Resource sleepdata.org up to 58.x and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 59.0.0.r...

CVE-2022-4523

A vulnerability, which was classified as problematic, has been found in vexim2. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 21c0a60d12e9d587f905cd084b2c70f9b1592065. It is recommended to...

PT-2022-27435 · Wso2 · Wso2 Carbon-Registry

Name of the Vulnerable Software and Affected Versions: WSO2 carbon-registry versions up to 4.8.6 Description: A vulnerability has been found in WSO2 carbon-registry, affecting an unknown part of the component Request Parameter Handler. The manipulation of the argument...

CVE-2022-4353

A vulnerability has been found in LinZhaoguan pb-cms 2.0 and classified as problematic. Affected by this vulnerability is the function IpUtil.getIpAddr. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be use...

pb-cms 安全漏洞

pb-cms is a content management system by LinZhaoguan Personal Developer. A security vulnerability exists in pb-cms version 2.0, which stems from its IpUtil.getIpAddr function that allows attackers to implement cross-site scripting. The attack method has been made public and can be initiated...

CVE-2022-4233

A vulnerability has been found in SourceCodester Event Registration System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /event/admin/?page=user/list. The manipulation of the argument First Name/Last Name leads to cross site scripting. T...

PT-2022-9010 · Tribal Systems · Zenario Cms

Name of the Vulnerable Software and Affected Versions: Tribal Systems Zenario CMS versions prior to 8.5.51340 Description: A vulnerability has been found in the Error Log Module of the Tribal Systems Zenario CMS, specifically in the file admin organizer.js. This issue leads to cross-site scriptin...

CVE-2022-3518

A vulnerability classified as problematic has been found in SourceCodester Sanitization Management System 1.0. Affected is an unknown function of the component User Creation Handler. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is possible to...

CVE-2022-3452

A vulnerability was found in SourceCodester Book Store Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument categoryname leads to cross site scripting. The attack can be initiated remotely...

CVE-2022-2684

A vulnerability has been found in SourceCodester Apartment Visitor Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /manage-apartment.php. The manipulation of the argument Apartment Number with the input alert1 leads to cross site scripting...

Patient Management System 安全漏洞

Clinics Patient Management System is a patient management system for clinics by Carlo Montero, an individual developer. A security vulnerability exists in Patient Management System version 2.0, which stems from an unrestricted upload due to the parameter profilepicture, and can be exploited by an...

Nystudio107 Seomatic 跨站脚本漏洞

Nystudio107 Seomatic is a comprehensive, powerful and flexible turnkey SEO system in the USA. Facilitates modern SEO best practices and implementation of Craft CMS 3. A security vulnerability exists in Nystudio107 Seomatic version 3.4.10, which can be exploited by a remote attacker to inject...

PT-2022-8046 · Thomson · Thomson Tcw710

Name of the Vulnerable Software and Affected Versions: Thomson TCW710 version ST5D.10.05 Description: A problematic issue has been found in the processing of the file /goform/wlanPrimaryNetwork. The manipulation of the ServiceSetIdentifier argument with the input alert1 as part of a POST Request...

CVE-2021-20787

Cross-site scripting vulnerability in GroupSession GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0 allows a remote attacker to inject...

CVE-2021-29201

A remote xss vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4; HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 iLO 5 for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H versions: Pri...

CVE-2021-29146

A remote cross-site scripting XSS vulnerability was discovered in Aruba ClearPass Policy Manager versions prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability...

Vulnerabilities fixed in Microsoft Dynamics

Microsoft fixes multiple vulnerabilities in Microsoft Dynamics products. The vulnerability in Microsoft Dynamics with the attribute CVE-2020-16943 allows a malicious person to access sensitive data. The vulnerabilities with the attributes CVE-2020-16956 and CVE-2020-16978 enable a remote maliciou...

CVE-2020-24897

The Table Filter and Charts for Confluence Server app before 5.3.25 for Atlassian Confluence allow remote attackers to inject arbitrary HTML or JavaScript via cross site scripting XSS through the provided Markdown markup to the "Table from CSV" macro...

CVE-2020-7140

A security vulnerability in HPE IceWall SSO Dfw and Dgfw Domain Gateway Option could be exploited remotely to cause a remote cross-site scripting XSS. HPE has provided the following information to resolve this vulnerability in HPE IceWall SSO DFW and Dgfw: https://www.hpe.com/jp/icewallpatchacces...

CVE-2020-7132

A potential security vulnerability has been identified in HPE Onboard Administrator. The vulnerability could be remotely exploited to allow Reflected Cross Site Scripting. HPE has made the following software updates and mitigation information to resolve the vulnerability in HPE Onboard...