103 matches found
CVE-2021-47808
Cotonti Siena 0.9.19 contains a stored cross-site scripting vulnerability in the admin configuration panel's site title parameter. Attackers can inject malicious JavaScript code through the 'maintitle' parameter to execute scripts when administrators view the page...
CVE-2021-47808
Cotonti Siena 0.9.19 contains a stored cross-site scripting vulnerability in the admin configuration panel's site title parameter. Attackers can inject malicious JavaScript code through the 'maintitle' parameter to execute scripts when administrators view the page...
CVE-2021-47808
Cotonti Siena 0.9.19 contains a stored cross-site scripting vulnerability in the admin configuration panel's site title parameter. Attackers can inject malicious JavaScript code through the 'maintitle' parameter to execute scripts when administrators view the page...
CVE-2021-47808 Cotonti Siena 0.9.19 - 'maintitle' Stored Cross-Site Scripting
Cotonti Siena 0.9.19 contains a stored cross-site scripting vulnerability in the admin configuration panel's site title parameter. Attackers can inject malicious JavaScript code through the 'maintitle' parameter to execute scripts when administrators view the page...
CVE-2021-47808
Cotonti Siena 0.9.19 contains a stored cross-site scripting vulnerability in the admin configuration panel's site title parameter. Attackers can inject malicious JavaScript code through the 'maintitle' parameter to execute scripts when administrators view the page...
CVE-2021-47808
CVE-2021-47808 relates to Cotonti Siena 0.9.19, exposing a stored cross-site scripting (XSS) vulnerability in the admin configuration panel’s site title parameter. The issue allows injection of JavaScript through the ‘maintitle’ field, enabling script execution when administrators view the page. ...
PT-2026-3178
Cotonti Siena 0.9.19 contains a stored cross-site scripting vulnerability in the admin configuration panel's site title parameter. Attackers can inject malicious JavaScript code through the 'maintitle' parameter to execute scripts when administrators view the page...
WordPress Xpro Addons For Elementor plugin <= 1.4.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Site Title' widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'Site Title' widget vulnerability discovered by Prissy - Developer in WordPress Plugin Xpro Elementor Addons versions = 1.4.7.1...
EUVD-2021-0196
Malware in sbrugna...
EUVD-2018-20830
Malware in sbrugna...
EUVD-2012-1441
Malware in sbrugna...
EUVD-2020-11065
Malware in sbrugna...
EUVD-2018-2395
Malware in sbrugna...
EUVD-2025-5874
Malicious code in bioql PyPI...
EUVD-2022-28155
Malicious code in bioql PyPI...
CVE-2025-52037
A vulnerability has been found in NotesCMS and classified as medium. Affected by this vulnerability is the page /index.php?route=sites. The manipulation of the title of the service descriptions leads to a stored XSS vulnerability. The issue was confirmed to be present in the source code as of...
📄 bludit 3.16.2 Directory Traversal
bludit version 3.16.2 suffers from a directory traversal vulnerability. Exploit Title: Directory Traversal "Site Title" - bluditv3.16.2 Date: 07/2025 Exploit Author: Andrey Stoykov Version: 3.16.2 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/ Directory Traversal "Site Title" 1: Step...
CVE-2024-5757
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url attribute within the plugin's Site Title widget in all versions up to, and including, 1.6.35 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2021-29002
A stored cross-site scripting XSS vulnerability in Plone CMS 5.2.3 exists in site-controlpanel via the "form.widgets.sitetitle" parameter...
CVE-2020-19158
Cross Site Scripting XSS in S-CMS build 20191014 and earlier allows remote attackers to execute arbitrary code via the 'Site Title' parameter of the component '/data/admin//app/config/'...