6238 matches found
CVE-2015-5282
Cross-site scripting XSS vulnerability in Foreman 1.7.0 and after...
Stored Cross-Site Scripting Vulnerability in Pauai App
Bao Ai APP is an emotional life information platform that solves the emotional problems of both genders. There is a stored cross-site scripting vulnerability in Pao Ai APP, which can be exploited by an attacker to insert malicious xss cross-site code and obtain sensitive information such as...
CVE-2017-11611
Wolf CMS 0.8.3.1 allows Cross-Site Scripting XSS attacks. The vulnerability exists due to insufficient sanitization of the file name in a "create-file-popup" action, and the directory name in a "create-directory-popup" action, in the HTTP POST method to the "/plugin/filemanager/" script aka an...
avtogorod.by XSS vulnerability
Open Bug Bounty ID: OBB-281796 Description| Value ---|--- Affected Website:| avtogorod.by Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
phpMyAdmin XSS Vulnerability (PMASA-2014-4) - Windows
phpMyAdmin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Stored Cross-Site Scripting Vulnerability in aitecms Message Service
AIT aitecms to php + MySQL aitecms core for the development of customer information management system. A stored cross-site scripting vulnerability exists in the 'diy.php' message of aitecms. An attacker can insert malicious code into the page to obtain user cookies and other information, leading ...
Stored Cross-Site Scripting Vulnerability in ASK2 user.php
ASK2 Q&A system belongs to the Beijing Zhengying Network Technology Company's products , is a set of open source php Q&A system , integration of paid Q&A system , paid voice Q&A system . ASK2 user.php has a stored cross-site scripting vulnerability , because the system fails to strictly filter th...
myswitzerland.com XSS vulnerability
Open Bug Bounty ID: OBB-262836 Description| Value ---|--- Affected Website:| myswitzerland.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
UEditor cross-site scripting vulnerability
No description provided by source...
srpl-servers.org XSS vulnerability
Open Bug Bounty ID: OBB-248393 Description| Value ---|--- Affected Website:| srpl-servers.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
gohargroup.in XSS vulnerability
Open Bug Bounty ID: OBB-242240 Description| Value ---|--- Affected Website:| gohargroup.in Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Stored Cross-site Scripting Vulnerability in DM Enterprise Website System Message Function
DM enterprise building system is developed by php + mysql a set of specialized in small and medium-sized enterprise website construction of open source cms. DM enterprise website building system message function there is a stored cross-site scripting vulnerability , the vulnerability due to the...
Cross site scripting
Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Customapp function...
ijitech.org XSS vulnerability
Open Bug Bounty ID: OBB-214686 Description| Value ---|--- Affected Website:| ijitech.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Debian: Security Advisory (DSA-3784-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
shegame.com XSS vulnerability
Open Bug Bounty ID: OBB-206770 Description| Value ---|--- Affected Website:| shegame.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
hioa.no XSS vulnerability
Vulnerable URL: http://www.hioa.no/content/search?SearchText=mafal' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 73223 VIP website status:| No Check hioa.no SSL connection:| Grad...
CVE-2016-5060
Multiple cross-site scripting XSS vulnerabilities in nGrinder before 3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 description, 2 email, or 3 username parameter to user/save...
PT-2016-17: Cross-Site Scripting in SAP NetWeaver
The specialists of the Positive Research center have detected a Cross-Site Scripting vulnerability in SAP NetWeaver. Reflected cross-site scripting in the "/com.sap.portal.themes.styleservice.LockingTestPortalComponent" component allows remote attackers to inject arbitrary HTML tags including...
CVE-2016-6320
Cross-site scripting XSS vulnerability in app/assets/javascripts/hosteditinterfaces.js in Foreman before 1.12.2 allows remote authenticated users to inject arbitrary web script or HTML via the network interface device identifier in the host interface form...