6245 matches found
CVE-2019-7660
An issue was discovered in PHPMyWind 5.5. The username parameter of the /install/index.php page has a stored Cross-site Scripting (XSS) vulnerability, as demonstrated by admin/login.php...
MGASA-2019-0104 Updated nagios packages fix security vulnerability
A flaw was found in Nagios Core version 4.4.1 and earlier. The qh_help function is prone to a NULL pointer dereference vulnerability, which allows an attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket (CVE-2018-13441). A flaw was found in...
OPNsense < 19.1.1 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications. Exploit Title: OPNsense 19.1 | Cross-Site Scripting; Exploit Author: Ozer Goker; Vendor Homepage: https://opnsense.org; Software Link: http://mirror.ams1.nl.leaseweb.net/opnsense/releases/19.1/OPNsense-19.1-OpenSSL-dvd-amd64.iso.bz2; Version: 19.1...
CVE-2018-19724
CVE-2018-19724 affects Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 with a stored cross-site scripting (XSS) vulnerability that could disclose sensitive information. Root cause is stored XSS in forms handling; impact is information disclosure. Remediation: apply Adobe APSB19-03 securi...
The vulnerability in the scripting sub-component of Java SE, Java SE Embedded, and JRockit programs allows attackers to gain unauthorized access to protected data.
The vulnerability of the Scripting sub-component in Java SE, Java SE Embedded, and JRockit programs is related to insufficient access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected data using network protocols...
CVE-2018-16193
Cross-site scripting vulnerability in Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...
juniqe.dk XSS vulnerability
Open Bug Bounty ID: OBB-717750. Affected Website: juniqe.dk. Vulnerable Application: hidden until disclosure. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: hidden until...
CVE-2018-1000874
PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in all distributed parsers allowing a maliciously crafted script to be executed that can result in the loss of user data and sensitive user information. This attack can be exploited by crafting a...
Cumulative Update 38 for Microsoft Dynamics NAV 2016 (Build 50785)
Cumulative Update 38 for Microsoft Dynamics NAV 2016 (Build 50785). This article applies to Microsoft Dynamics NAV 2016 for all countries and all language locales. Overview: This cumulative update includes all hotfixes and regulatory features that have been released for Microsoft Dynamics NAV 2016,...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise (CVE-2018-1777)
Summary: WebSphere Application Server is shipped as a component of IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise. Information about a potential cross-site scripting security vulnerability affecting IBM WebSphere Application Server Traditional has been published in a security bulleti...
SUSE-SU-2018:3771-2 Security update for squid
This update for squid fixes the following issues: Security issues fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling (bsc#1113668). - CVE-2018-19132: Fixed small memory leak in processing of SNMP packets (bsc#1113669). Non-security issues fixed: - Create runtime...
siciliafan.it XSS vulnerability
Open Bug Bounty ID: OBB-706472. Affected Website: siciliafan.it. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
hotel-aubergemetzger.com XSS vulnerability
Open Bug Bounty ID: OBB-706208. Affected Website: hotel-aubergemetzger.com. Vulnerable Application: hidden until disclosure. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score:...
highlights.guru XSS vulnerability
Open Bug Bounty ID: OBB-703675. Affected Website: highlights.guru. Vulnerable Application: hidden until disclosure. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: hidden...
watanabephoto.studio XSS vulnerability
Open Bug Bounty ID: OBB-701654. Affected Website: watanabephoto.studio. Vulnerable Application: hidden until disclosure. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score:...
SUSE-SU-2018:3786-1 Security update for squid
This update for squid fixes the following issues: Security issues fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling (bsc#1113668). - CVE-2018-19132: Fixed small memory leak in processing of SNMP packets (bsc#1113669). Non-security issues fixed: - Create runtime...
SUSE-SU-2018:3790-1 Security update for squid3
This update for squid3 fixes the following issues: Security issue fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling (bsc#1113668)...
2938.ir XSS vulnerability
Open Bug Bounty ID: OBB-698683. Affected Website: 2938.ir. Vulnerable Application: hidden until disclosure. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: hidden until...
Chakra Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...