Multiple Cross-Site Scripting Vulnerabilities in SAP HANA

SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions, users can directly query and analyze a large amount of real-time business data. SAP HANA has multiple cross-site scripting vulnerabilities that can be exploited by an attacker to...

Live off the mobile phone client xss comfortably into the background-bug warning-the black bar safety net

Brief description: Live off the mobile phone client sidexsscomfortably, you can log in the background Detailed description: 0x00 keywords code area Live off to find room Android App, user feedback, comfortably, the storage-typexss, the'" 0x02 process User feedback directly inserted into the !...

Saurus CMS Community Edition vulnerable to cross-site scripting

Overview Saurus CMS Community Edition is open source software to manage and build websites. Saurus CMS Community Edition contains multiple cross-site scripting vulnerabilities. Yuji Tounai of NTT Com Security reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under...

Cross-site Scripting Vulnerability in Hitachi Application Server Help

Overview Hitachi Application Server Help contains a cross-site scripting vulnerability. Impact A remote attacker can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

Multiple Cross-Site Scripting Vulnerabilities in Drupal Taxonomy Tools Module

Drupal is written using the PHP language open source content management framework , which consists of a content management system and PHP development framework together . Multiple cross-site scripting vulnerabilities exist in the Drupal Taxonomy Tools module due to the program failing to properly...

Cisco Prime Security Manager Cross-Site Scripting Vulnerability (CNVD-2015-01125)

Cisco Prime Security Manager is a tool for centralized management of the Cisco ASA 5500-X Series firewalls. A cross-site scripting vulnerability exists in Cisco Prime Security Manager due to the program failing to properly filter user-supplied input. An attacker could exploit this vulnerability t...

Multiple Cross-Site Scripting Vulnerabilities in Cisco Prime Infrastructure

Cisco Prime Infrastructure is an all-in-one package that provides complete infrastructure wired and wireless and mobile lifecycle management provisioning, monitoring, troubleshooting, fixing, and reporting. Multiple cross-site scripting vulnerabilities exist in Cisco Prime Infrastructure, as the...

Plain Black WebGUI 'style-underground/search' cross-site scripting vulnerability

WebGUI is a CMS Content Management System software that is mainly used to facilitate the publishing and maintenance of website content. A cross-site scripting vulnerability exists in Plain Black WebGUI 'style-underground/search'. This allows remote attackers to execute arbitrary web script or HTM...

SnipSnap 'query' parameter cross-site scripting vulnerability

SnipSnap is a free java written and easy to install webBlog and wiki tools. A cross-site scripting vulnerability exists in the SnipSnap 'query' parameter due to the program failing to properly process user-supplied input. This allows an attacker to steal cookie-based authentication credentials an...

Fortinet FortiOS HTML Injection Vulnerability

Fortinet FortiOS is a set of security operating system developed by the U.S. company Fita Fortinet dedicated to the FortiGate platform, which provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering, anti-spam and other security features. An HTML injection vulnerability exist...

MantisBT < 1.2.19, 1.3.x < 1.3.0-beta.2 Multiple Vulnerabilities

MantisBT is prone to multiple vulnerabilities. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fortinet FortiAuthenticator Appliance Cross-Site Scripting Vulnerability Vulnerability

Fortinet FortiAuthenticator is a family of secure authentication software from Fortinet that can be combined with FortiToken two-factor authentication token to provide secure two-factor authentication to third-party devices authenticated via RADIUS or LDAP. The Fortinet FortiAuthenticator Applian...

Cisco Meraki Systems Manager HTML Injection Vulnerability

Cisco Meraki Systems Manager is a cloud-based management solution. An HTML injection vulnerability exists in Cisco Meraki Systems Manager, which could be exploited by an attacker to obtain cookie-based authentication credentials and execute arbitrary script or HTML code in the context of an...

Fumy News Clipper vulnerable to cross-site scripting

Overview Fumy News Clipper provided by Nishishi Factory contains a cross-site scripting vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the...

WordPress Plugin Photo Gallery Has Multiple Cross-Site Scripting Vulnerabilities

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. WordPress plugin Photo Gallery has multiple cross-site scripting vulnerabilities due to the program failing to properly filte...

WordPress Plugin Blubrry PowerPress Podcast 'admin.php' Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Blubrry PowerPress Podcast 'admin.php' due to the program...

Multiple Cross-Site Scripting Vulnerabilities in Saurus CMS

Saurus CMS is a content management system. Saurus CMS suffers from multiple cross-site scripting vulnerabilities due to the program failing to properly process user-supplied input. This allows attackers to exploit this vulnerability to steal cookie-based authentication credentials, execute...

Marked Module Cross-Site Scripting Vulnerability

Marked Module is the Markdown parser. A cross-site scripting vulnerability exists in Marked Module because the program fails to properly filter user-supplied input. An attacker could use this vulnerability to execute arbitrary script code or steal cookie-based authentication credentials in the...

Multiple HTML Injection Vulnerabilities in FerretCMS

FerretCMS is a content management system. Multiple HTML injection vulnerabilities exist in FerretCMS, which could be exploited by an attacker to execute arbitrary HTML and script code in the context of an affected application...

Kiwix Cross-Site Scripting Vulnerability

Kiwix is a free application for offline browsing of Wikipedia. Kiwix suffers from a cross-site scripting vulnerability due to the program failing to properly filter user-supplied input. An attacker could use this vulnerability to execute arbitrary script code or steal cookie-based authentication...