Lucene search
K

145 matches found

OSV
OSV
added 2021/10/22 8:15 p.m.6 views

CVE-2020-36491

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component tagsmain.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters...

5.4CVSS6AI score
Exploits0References1
OSV
OSV
added 2021/10/22 8:15 p.m.2 views

CVE-2020-23044

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component filepicview.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters...

5.4CVSS5.7AI score
Exploits0References1
NVD
NVD
added 2021/10/22 8:15 p.m.20 views

CVE-2020-23044

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component filepicview.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters...

5.4CVSS0.00562EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/10/22 12:0 a.m.7 views

Desdev DedeCMS 跨站脚本漏洞

DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...

5.4CVSS5.3AI score0.00562EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/10/22 12:0 a.m.7 views

Desdev DedeCMS 跨站脚本漏洞

DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via activepath, keyword, tag,...

5.4CVSS5.3AI score0.00562EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/10/22 12:0 a.m.6 views

Desdev DedeCMS 跨站脚本漏洞

DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...

5.4CVSS5.3AI score0.00562EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/10/22 12:0 a.m.5 views

Desdev DedeCMS 跨站脚本漏洞

DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via activepath, keyword, tag,...

5.4CVSS5.3AI score0.00562EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/10/22 12:0 a.m.5 views

DedeCMS 跨站脚本漏洞

DedeCMS Dream Weaving Content Management System is a set of simple, robust, flexible, open source several characteristics of open source content management system. DedeCMS has a cross-site scripting vulnerability that can be exploited to inject malicious script code via the activepath, keyword,...

5.4CVSS5.3AI score0.00562EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/08/26 12:0 a.m.7 views

FeehiCMS 跨站脚本漏洞

FeehiCMS is a Php-based CMS website builder by Liufee's personal developer. liufee feehicms suffers from a cross-site scripting vulnerability that stems from insufficient filtering of the tag parameter in version 0.1.3 of feehicms that allows an attacker to execute arbitrary web pages or HTML via...

6.1CVSS6.3AI score0.00641EPSS
Exploits1References2
OSV
OSV
added 2021/06/17 4:15 p.m.5 views

CVE-2020-35373

In Fiyo CMS 2.0.6.1, the 'tag' parameter results in an unauthenticated XSS attack...

6.1CVSS5.8AI score0.00695EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/06/17 12:0 a.m.5 views

PT-2021-11758 · Fiyo Cms · Fiyo Cms

Name of the Vulnerable Software and Affected Versions: Fiyo CMS version 2.0.6.1 Description: The issue allows for an unauthenticated XSS attack. This occurs due to the tag parameter being vulnerable. Recommendations: For Fiyo CMS version 2.0.6.1, avoid using the tag parameter in affected areas...

6.1CVSS6AI score0.00695EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/06/17 12:0 a.m.7 views

Fiyo CMS 跨站脚本漏洞

Fiyo CMS is a content management system and software that allows users to add and/or manipulate change website content. A cross-site scripting vulnerability exists in the tag parameter in Fiyo CMS version 2.0.6.1. An attacker can exploit this vulnerability to add html/JavaScript to html code...

6.1CVSS5.2AI score0.00695EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/04/05 12:0 a.m.5 views

WordPress插件Elementor Website Builder 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

5.4CVSS5.5AI score0.00746EPSS
Exploits2References3
CNVD
CNVD
added 2018/09/04 12:0 a.m.3 views

MiniCMS Cross-Site Scripting Vulnerability (CNVD-2018-19088)

MiniCMS is a mini content management system CMS designed for personal websites. A cross-site scripting vulnerability exists in the mc-admin/post.php file in MiniCMS versions prior to 1.10, which can be exploited by remote attackers to inject arbitrary Web script or HTML with the help of the 'tag'...

6.1CVSS6AI score0.00865EPSS
Exploits1References1
CNVD
CNVD
added 2018/05/11 12:0 a.m.4 views

WUZHI CMS Cross-Site Scripting Vulnerability (CNVD-2018-09387)

WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A cross-site scripting vulnerability exists in WUZHI CMS version 4.1.0. A remote attacker can exploit this vulnerability by sending the 'tag' parameter to the...

5.4CVSS6.3AI score0.00684EPSS
Exploits1References1
OSV
OSV
added 2018/04/05 7:29 p.m.3 views

CVE-2018-9328

PHP Scripts Mall Redbus Clone Script 3.0.6 has XSS via the terfrom or tag parameter to results.php...

6.1CVSS5.8AI score0.00692EPSS
Exploits1References1
OSV
OSV
added 2017/10/28 12:29 a.m.6 views

CVE-2017-15946

In the comtag component 1.7.6 for Joomla!, a SQL injection vulnerability is located in the tag parameter to index.php. The request method to execute is GET...

9.8CVSS5.9AI score0.01077EPSS
Exploits3References2
Openbugbounty
Openbugbounty
added 2017/10/20 10:24 p.m.10 views

highend3d.com XSS vulnerability

Vulnerable URL: https://www.highend3d.com/?tag=...

6.9AI score
Exploits0
Cvelist
Cvelist
added 2017/08/21 1:0 a.m.30 views

CVE-2017-12977

The Web-Dorado "Photo Gallery by WD - Responsive Photo Gallery" plugin before 1.3.51 for WordPress has a SQL injection vulnerability related to bwgedittag in photo-gallery.php and edittag in admin/controllers/BWGControllerTagsbwg.php. It is exploitable by administrators via the tagid parameter...

7.2AI score0.01593EPSS
Exploits0References2
OSV
OSV
added 2016/02/06 5:59 a.m.4 views

CVE-2016-1311

Cross-site scripting XSS vulnerability in the management interface in Cisco Jabber Guest Server 10.68 allows remote attackers to inject arbitrary web script or HTML via the host tag parameter, aka Bug ID CSCuy08224...

6.1CVSS5.9AI score0.01009EPSS
Exploits0References2
Rows per page
Query Builder