145 matches found
CVE-2020-36491
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component tagsmain.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters...
CVE-2020-23044
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component filepicview.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters...
CVE-2020-23044
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component filepicview.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters...
Desdev DedeCMS 跨站脚本漏洞
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...
Desdev DedeCMS 跨站脚本漏洞
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via activepath, keyword, tag,...
Desdev DedeCMS 跨站脚本漏洞
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...
Desdev DedeCMS 跨站脚本漏洞
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via activepath, keyword, tag,...
DedeCMS 跨站脚本漏洞
DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...
FeehiCMS 跨站脚本漏洞
FeehiCMS is a Php-based CMS website builder by Liufee's personal developer. liufee feehicms suffers from a cross-site scripting vulnerability that stems from insufficient filtering of the tag parameter in version 0.1.3 of feehicms that allows an attacker to execute arbitrary web pages or HTML via...
CVE-2020-35373
In Fiyo CMS 2.0.6.1, the 'tag' parameter results in an unauthenticated XSS attack...
PT-2021-11758 · Fiyo Cms · Fiyo Cms
Name of the Vulnerable Software and Affected Versions: Fiyo CMS version 2.0.6.1 Description: The issue allows for an unauthenticated XSS attack. This occurs due to the tag parameter being vulnerable. Recommendations: For Fiyo CMS version 2.0.6.1, avoid using the tag parameter in affected areas...
Fiyo CMS 跨站脚本漏洞
Fiyo CMS is a content management system and software that allows users to add and/or manipulate change website content. A cross-site scripting vulnerability exists in the tag parameter in Fiyo CMS version 2.0.6.1. An attacker can exploit this vulnerability to add html/JavaScript to html code...
WordPress插件Elementor Website Builder 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...
MiniCMS Cross-Site Scripting Vulnerability (CNVD-2018-19088)
MiniCMS is a mini content management system CMS designed for personal websites. A cross-site scripting vulnerability exists in the mc-admin/post.php file in MiniCMS versions prior to 1.10, which can be exploited by remote attackers to inject arbitrary Web script or HTML with the help of the 'tag'...
WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2018-09387)
WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A cross-site scripting vulnerability exists in WUZHI CMS version 4.1.0. A remote attacker can exploit this vulnerability by sending the 'tag' parameter to the...
CVE-2018-9328
PHP Scripts Mall Redbus Clone Script 3.0.6 has XSS via the terfrom or tag parameter to results.php...
CVE-2017-15946
In the comtag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the tag parameter to index.php. The request method to execute is GET...
highend3d.com XSS vulnerability
Vulnerable URL: https://www.highend3d.com/?tag=...
CVE-2017-12977
The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwgedittag in photo-gallery.php and edittag in admin/controllers/BWGControllerTagsbwg.php. It is exploitable by administrators via the tagid parameter...
CVE-2016-1311
Cross-site scripting XSS vulnerability in the management interface in Cisco Jabber Guest Server 10.68 allows remote attackers to inject arbitrary web script or HTML via the host tag parameter, aka Bug ID CSCuy08224...