15 matches found
PT-2026-5799
Zendesk SweetHawk Survey 1.6 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through support ticket submissions. Attackers can insert XSS payloads like script tags into ticket text that automatically execute when survey pages are loaded b...
CVE-2025-13060
CVE-2025-13060 affects SourceCodester Survey Application System 1.0. The issue is a SQL injection in the function handling the parameter ID in the file /view_survey.php. It can be exploited remotely, and multiple sources note that the exploit has been publicly disclosed. The vulnerability’s sever...
CVE-2024-56377
A stored cross-site scripting XSS vulnerability in survey titles of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the Survey Title field or Survey Instructions. When a user receives a survey and clicks anywhere on the survey page to enter data, the crafted payload whic...
The vulnerability of TP-Link WR941ND router’s microprogramming software, related to the execution of operations outside the buffer in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of TP-Link WR941ND router’s microprogramming software lies in the fact that the operation exceeds the buffer limits in memory when processing the page /userRpm/popupSiteSurveyRpm.htm with the parameter ssid. Exploiting this vulnerability allows a remote attacker to compromise th...
TP-LINK TL-WR941ND 安全漏洞
TP-LINK TL-WR941ND is a wireless router from China Pop-Up Union TP-LINK. A security vulnerability exists in TP-LINK TL-WR941ND version V6, which originates from a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm...
NETGEAR WN604 安全漏洞
The NETGEAR WN604 is a small wireless router from NETGEAR. An information disclosure vulnerability exists in the NETGEAR WN604. An attacker can use this vulnerability to access the siteSurvey.php page to obtain sensitive information such as the SSID, security type, encryption method, and channel ...
LimeSurvey cross-site scripting vulnerability (CNVD-2021-00893)
limesurvey is an open source online questionnaire program with many functions such as questionnaire design, modification, release, recovery and statistics. A cross-site scripting vulnerability exists in the "Quota" component of the "Survey" page in LimeSurvey 3.21.1. An attacker can exploit this...
CVE-2020-25799
LimeSurvey 3.21.1 is affected by cross-site scripting XSS in the Quota component of the Survey page. When the survey quota being viewed, e.g. by an administrative user, the JavaScript code will be executed in the browser...
LimeSurvey 跨站脚本漏洞
limesurvey is an open source online questionnaire program with many functions such as questionnaire design, modification, release, recovery and statistics. A cross-site scripting vulnerability exists in the "Quota" component of the "Survey" page in LimeSurvey 3.21.1. An attacker can exploit this...
PT-2020-16219 · Limesurvey · Limesurvey
Name of the Vulnerable Software and Affected Versions: LimeSurvey version 3.21.1 Description: The issue affects the Quota component of the Survey page, where cross-site scripting XSS can occur. When an administrative user views the survey quota, JavaScript code will be executed in the browser...
butterflyhouse.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-640255 Description| Value ---|--- Affected Website:| butterflyhouse.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
PT-2017-13302 · Intelbras · Intelbras Wireless N 150Mbps Router
Name of the Vulnerable Software and Affected Versions: Intelbras Wireless N 150Mbps router with firmware WRN 240 Description: The issue allows attackers to steal wireless credentials without being connected to the network. This is related to userRpm/popupSiteSurveyRpm.htm and...
Aries QWR-1104 Wireless-N Cross Site Scripting
Exploit Title: Aries QWR-1104 Wireless-N Router Execute JavaScript in Wireless Site Survey page. Date: 26-05-2017 Vendor Homepage : http://www.ariesnetworks.net/ Firmware Version: WRC.253.2.0913 Exploit Author: Touhid M.Shaikh Contact: http://twitter.com/touhidshaikh22 Website:...
QWR-1104 Wireless-N Router - Cross-Site Scripting
QWR-1104 Wireless-N Router - Cross-Site Scripting Exploit Title: Aries QWR-1104 Wireless-N Router Execute JavaScript in Wireless Site Survey page. Date: 26-05-2017 Vendor Homepage : http://www.ariesnetworks.net/ Firmware Version: WRC.253.2.0913 Exploit Author: Touhid M.Shaikh Contact:...
darkreading.com XSS vulnerability
Vulnerable URL: http://www.darkreading.com/surveyjspage.asp?surveyid=1"--!"=1contentid=1 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 50485 VIP website status:| No Coordinated...