Cross site scripting

Cross-site scripting XSS vulnerability in the search functionality in Intrexx before 9.4.0 allows remote attackers to inject arbitrary web script or HTML via the request parameter...

Cross-Site Scripting (XSS)

atlas-webapp is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a user's browser via the search functionality...

Stored XSS in Apache Atlas

Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality...

GHSA-V62J-FCXQ-J239 Stored XSS in Apache Atlas

Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality...

DRUPAL-CONTRIB-2019-095

The Permissions by Term module extends Drupal by functionality for restricting access to single nodes via taxonomy terms. The module doesn't sufficiently restrict access to node previews, when the Search API module is used to display nodes in search result lists...

CVE-2019-10070

Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored Cross-Site Scripting in the search functionality...

Cross site scripting

Multiple Reflected Cross-site Scripting XSS vulnerabilities exist in Zucchetti InfoBusiness before and including 4.4.1. The browsing component did not properly sanitize user input encoded in base64. This also applies to the search functionality for the searchKey parameter...

CVE-2019-18205

Multiple Reflected Cross-site Scripting XSS vulnerabilities exist in Zucchetti InfoBusiness before and including 4.4.1. The browsing component did not properly sanitize user input encoded in base64. This also applies to the search functionality for the searchKey parameter...

UBUNTU-CVE-2019-12385

An issue was discovered in Ampache through 3.9.1. The search engine is affected by a SQL Injection, so any user able to perform lib/class/search.class.php searches even guest users can dump any data contained in the database sessions, hashed passwords, etc.. This may lead to a full compromise of...

Sql injection

In Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3, some menu links within the administration bar may be crafted to execute JavaScript when the administrator is logged in and uses the search functionality. This issue is mitigated by the attacker needing permissions to create...

CVE-2019-2499

CVE-2019-2499 affects Oracle PeopleSoft Enterprise PeopleTools, subcomponent PIA Search Functionality, with affected versions 8.55–8.57. The vulnerability allows an unauthenticated attacker with network access via HTTP to impact data via PeopleTools, with potential unauthorized update/insert/dele...

bocajuniors.com.ar XSS vulnerability

Open Bug Bounty ID: OBB-679412 Description| Value ---|--- Affected Website:| bocajuniors.com.ar Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

necfru.jp XSS vulnerability

Open Bug Bounty ID: OBB-678005 Description| Value ---|--- Affected Website:| necfru.jp Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

bankdirector.com XSS vulnerability

Open Bug Bounty ID: OBB-674548 Description| Value ---|--- Affected Website:| bankdirector.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

awww.fanpop.com XSS vulnerability

Open Bug Bounty ID: OBB-673682 Description| Value ---|--- Affected Website:| awww.fanpop.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

schmid-bus.de XSS vulnerability

Open Bug Bounty ID: OBB-673479 Description| Value ---|--- Affected Website:| schmid-bus.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

filmundo.de XSS vulnerability

Open Bug Bounty ID: OBB-673246 Description| Value ---|--- Affected Website:| filmundo.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

vzr.nl XSS vulnerability

Open Bug Bounty ID: OBB-669565 Description| Value ---|--- Affected Website:| vzr.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

montecarmoshopping.com.br XSS vulnerability

Open Bug Bounty ID: OBB-667929 Description| Value ---|--- Affected Website:| montecarmoshopping.com.br Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

alzforum.org XSS vulnerability

Open Bug Bounty ID: OBB-667546 Description| Value ---|--- Affected Website:| alzforum.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...