6238 matches found

OSV
added 2019/07/24 4:15 p.m., 2 views

CVE-2019-3485

Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1...

6.1 CVSS, 5.3 AI score
Exploits: 0, References: 2

Openbugbounty
added 2019/07/23 12:31 a.m., 7 views

admin.stubbses.org Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-903095 Security Researcher Gh05tPT Helped patch 6892 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting admin.stubbses.org websit...

6.5 AI score
Exploits: 0

CNVD
added 2019/07/22 12:00 a.m., 2 views

Stored Cross-site Scripting Vulnerability in UQCMS Single Merchant Edition Frontend

UQCMS Single Merchant System is an external display and shopping system suitable for running your own products. A stored cross-site scripting vulnerability exists in the frontend of UQCMS Single Merchant Edition. An attacker can exploit this vulnerability to obtain background administrator cookie...

6.1 AI score
Exploits: 0

Openbugbounty
added 2019/07/18 6:59 p.m., 6 views

keyworddiscovery.co.uk Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-900088 Security Researcher geeknik Helped patch 8815 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting keyworddiscovery.co.uk...

0.1 AI score
Exploits: 0

Openbugbounty
added 2019/07/02 1:36 p.m., 9 views

etipping.com.au Cross Site Scripting vulnerability

Security Researcher Renzi Helped patch 6742 vulnerabilities Received 8 Coordinated Disclosure badges Received 36 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting etipping.com.au website and its users. Following coordinated...

0.1 AI score
Exploits: 0

IBM Security Bulletins
added 2019/06/28 3:10 p.m., 19 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Tivoli Federated Identity Manager (CVE-2018-1902, CVE-2019-4030, CVE-2019-4046)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Tivoli Federated Identity Manager TFIM. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bullet...

7.8 CVSS, 0.5 AI score, 0.65005 EPSS
Exploits: 8, Affected Software: 1

Prion
added 2019/06/12 2:29 p.m., 18 views

Information disclosure

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1023...

4.3 CVSS, 6 AI score, 0.05406 EPSS
Exploits: 0, References: 1, Affected Software: 1

NVD
added 2019/05/23 3:29 p.m., 17 views

CVE-2017-5213

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting XSS...

6.1 CVSS, 6.2 AI score, 0.00862 EPSS
Exploits: 0, References: 3

IBM Security Bulletins
added 2019/05/03 7:25 p.m., 16 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Rational ClearCase (CVE-2019-4030)

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Rational ClearCase. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

5.4 CVSS, 0.8 AI score, 0.00822 EPSS
Exploits: 0, Affected Software: 1

Veracode
added 2019/05/02 4:45 a.m., 19 views

Arbitrary Code Execution

Red Hat Certificate System RHCS is an enterprise software system designed to manage enterprise Public Key Infrastructure PKI deployments. The Token Processing System TPS is a PKI subsystem that acts as a Registration Authority RA for authenticating and processing enrollment requests, PIN reset...

7.5 CVSS, 5.9 AI score, 0.0222 EPSS
Exploits: 0, References: 7, Affected Software: 1

CNVD
added 2019/04/29 12:00 a.m., 1 view

Stored Cross-Site Scripting Vulnerability in Public Resources Trading Center of Jiangsu Guotai Newpoint Software Co.

Jiangsu Guotai New Point Software Co., Ltd. is to provide e-government, public resources trading, electronic bidding, construction industry, smart city and other fields of related software products and hardware and software integration solutions. A stored cross-site scripting vulnerability exists...

6.2 AI score
Exploits: 0

CNVD
added 2019/04/19 12:00 a.m., 1 view

Stored Cross-Site Scripting Vulnerability at the Address of Cloud EC E-commerce System V1.2.4

Cloud EC e-commerce system hereinafter referred to as Cloud EC is a set of PHP + MYSQL-based open source e-commerce system software developed independently by Cloud MYSQL e-commerce Co. Cloud EC e-commerce system V1.2.4 address at the existence of stored cross-site scripting vulnerability, the...

6.3 AI score
Exploits: 0

ATTACKERKB
added 2019/03/21 4:00 p.m., 1 view

CVE-2018-19525

An issue was discovered on Systrome ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1TRUNK-20180914.bin devices. There is CSRF via /ui/?g=objkeywordsadd and /ui/?g=objkeywordsaddsave with resultant XSS because of a lack of csrf token validation...

6.1 CVSS, 5.5 AI score, 0.00908 EPSS
Exploits: 3, References: 5

Cvelist
added 2019/03/07 10:00 p.m., 17 views

CVE-2019-7660

An issue was discovered in PHPMyWind 5.5. The username parameter of the /install/index.php page has a stored Cross-site Scripting XSS vulnerability, as demonstrated by admin/login.php...

6 AI score, 0.00865 EPSS
Exploits: 1, References: 1

OSV
added 2019/03/07 4:34 p.m., 7 views

MGASA-2019-0104 Updated nagios packages fix security vulnerability

A flaw was found in Nagios Core version 4.4.1 and earlier. The qhhelp function is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket CVE-2018-13441. A flaw was found in...

5.5 CVSS, 5.5 AI score, 0.0451 EPSS
Exploits: 8, References: 3

0day.today
added 2019/02/12 12:00 a.m., 31 views

OPNsense < 19.1.1 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: OPNsense 19.1 | Cross-Site Scripting Exploit Author: Ozer Goker Vendor Homepage: https://opnsense.org Software Link: http://mirror.ams1.nl.leaseweb.net/opnsense/releases/19.1/OPNsense-19.1-OpenSSL-dvd-amd64.iso.bz2 Version: 19.1...

0.1 AI score
Exploits: 0

CVE
added 2019/01/28 6:00 p.m., 58 views

CVE-2018-19724

CVE-2018-19724 affects Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 with a stored cross-site scripting (XSS) vulnerability that could disclose sensitive information. Root cause is stored XSS in forms handling; impact is information disclosure. Remediation: apply Adobe APSB19-03 securi...

6.1 CVSS, 5.6 AI score, 0.01944 EPSS
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2019/01/15 12:00 a.m., 2 views

The vulnerability in the scripting sub-component of Java SE, Java SE Embedded, and JRockit programs allows attackers to gain unauthorized access to protected data.

The vulnerability of the Scripting sub-component in Java SE, Java SE Embedded, and JRockit programs is related to insufficient access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected data using network protocols...

9 CVSS, 6.5 AI score, 0.02815 EPSS
Exploits: 0, References: 3, Affected Software: 2

NVD
added 2019/01/09 11:29 p.m., 17 views

CVE-2018-16193

Cross-site scripting vulnerability in Aterm WF1200CR and Aterm WG1200CR Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4 CVSS, 5.1 AI score, 0.00532 EPSS
Exploits: 0, References: 2

Openbugbounty
added 2019/01/01 7:18 p.m., 11 views

juniqe.dk XSS vulnerability

Open Bug Bounty ID: OBB-717750

Description | Value
---|---
Affected Website: | juniqe.dk
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | hidden until disclosure
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | hidden until...

0.1 AI score
Exploits: 0