CVE-2023-43705

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "translationvalue1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43704

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "title" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43706

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "emailtemplateskey" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2023-43703

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "productinfoname" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

osCommerce Cross-Site Scripting Vulnerability

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. osCommerce suffers from a cross-site scripting vulnerability that stems from susceptibility to a cross-site scripting XSS vulnerability that allows an attacker to execute unauthorized scripts in a user's...

osCommerce Cross-Site Scripting Vulnerability

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. osCommerce suffers from a cross-site scripting vulnerability that stems from susceptibility to a cross-site scripting XSS vulnerability that allows an attacker to execute unauthorized scripts in a user's...

osCommerce Cross-Site Scripting Vulnerability

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. osCommerce suffers from a cross-site scripting vulnerability that stems from susceptibility to a cross-site scripting XSS vulnerability that allows an attacker to execute unauthorized scripts in a user's...

osCommerce Cross-Site Scripting Vulnerability

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. osCommerce suffers from a cross-site scripting vulnerability that stems from susceptibility to a cross-site scripting XSS vulnerability that allows an attacker to execute unauthorized scripts in a user's...

osCommerce Cross-Site Scripting Vulnerability

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. osCommerce suffers from a cross-site scripting vulnerability that stems from susceptibility to a cross-site scripting XSS vulnerability that allows an attacker to execute unauthorized scripts in a user's...

osCommerce Cross-Site Scripting Vulnerability

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. osCommerce suffers from a cross-site scripting vulnerability that stems from susceptibility to a cross-site scripting XSS vulnerability that allows an attacker to execute unauthorized scripts in a user's...

osCommerce Cross-Site Scripting Vulnerability

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. osCommerce suffers from a cross-site scripting vulnerability that stems from susceptibility to a cross-site scripting XSS vulnerability that allows an attacker to execute unauthorized scripts in a user's...

osCommerce Cross-Site Scripting Vulnerability

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. osCommerce suffers from a cross-site scripting vulnerability that stems from susceptibility to a cross-site scripting XSS vulnerability that allows an attacker to execute unauthorized scripts in a user's...

CVE-2023-43884

A Cross-site scripting XSS vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter...

PT-2023-29021 · Unknown · October Cms

Name of the Vulnerable Software and Affected Versions: October CMS version 3.4.16 Description: A Cross-Site Scripting XSS vulnerability in the installer of October CMS allows an attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost field. Recommendations: For...

Cross site scripting

A stored cross-site scripting XSS vulnerability in the cms/content/edit component of YZNCMS v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter...

CVE-2023-44043

A reflected cross-site scripting XSS vulnerability in /install/index.php of Black Cat CMS 1.4.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website title parameter...

Cross site scripting

A stored cross-site scripting XSS vulnerability in /settings/index.php of Black Cat CMS 1.4.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website header parameter...

Unallowed PHP script execution in GLPI

From the GLPI 10.0.10 Changelog: You will find below security issues fixed in this bugfixes version: SECURITY - Critical Unallowed PHP script execution CVE-2023-42802. The mentioned CVE is invalid...

Dreamer CMS 跨站脚本漏洞

Dreamer CMS is a dreamer content management system. Dreamer CMS version v4.1.3 suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the component /admin/u/toIndex, which can be exploited by an attacker to execute...

Blackcat Cms Cross-Site Scripting Vulnerability

Blackcat Cms is a Php-based content management system from the Blackcat team. A cross-site scripting vulnerability exists in Blackcat Cms version 1.4.1, which stems from a cross-site scripting XSS vulnerability in /settings/index.php that allows an attacker to inject a crafted payload via the sit...