Lucene search
K

176 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/02/22 5:56 a.m.5 views

Log-Chat vulnerable to cross-site scripting

Overview Log-Chat provided by Script contains a stored cross-site scripting vulnerability CWE-79. Masamu Asato of National Institute of Technology, Okinawa College reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

6.1CVSS5.9AI score0.01009EPSS
Exploits0References5
CNVD
CNVD
added 2016/02/22 12:0 a.m.1 views

HP Client Security Manager Cross-Site Scripting Vulnerability

HP Client Security Manager is a security manager product from Hewlett-Packard HP in the United States. The product provides features such as enhanced Windows logon and single sign-on for Web sites. A cross-site scripting vulnerability exists in HP Client Security Manager that originates from the...

6.6AI score
Exploits0References1
CNVD
CNVD
added 2016/01/04 12:0 a.m.3 views

Wordpress plugin iframe HTML injection vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site. iframe plugin is a pop-up layer allowing external URLs to be loaded into the iframe page plugin . Wordpress...

7.3AI score
Exploits0References1
CNVD
CNVD
added 2015/08/11 12:0 a.m.3 views

Apple Mac OS X 'entity' Parameter Cross-Site Scripting Vulnerability

Apple Mac OS X is a commercial operating system. A cross-site scripting vulnerability exists in the Apple Mac OS X 'entity' parameter. Because the program fails to properly filter user-supplied input, an attacker could exploit the vulnerability to execute arbitrary script code in the browser of a...

6.7AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/07/15 5:45 a.m.5 views

Cybozu Garoon vulnerable to cross-site scritping

Overview Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an issue in the function "Map search", which may result in a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of a user that is logged on. Solution Update...

3.5CVSS6AI score0.00936EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2014/07/14 12:0 a.m.19 views

WordPress Social Connect Plugin <= 1.0.4 XSS Vulnerability - Active Check

WordPress Social Connect Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS5.9AI score0.01629EPSS
Exploits1References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Faq-O-Matic 2.6/2.7 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4023/info FAQ-O-Matic is a freely available, open-source FAQ Frequently Asked Questions manager. It is intended to run on Linux and Unix variants. FAQ-O-Matic does not sufficiently filter script code from URL parameters. ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

GuppY 2.4 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8768/info GuppY is reported to be prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied input. The problem exists in the postguest module of the software. This issue may allow a...

7.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/06/20 4:58 a.m.4 views

Webmin vulnerable to cross-site scripting

Overview Webmin is a web-based system management tool. Webmin contains a cross-site scripting vulnerability when "referrer checking" is turned off. Note that "referrer checking" is enabled by default. hasegawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

2.6CVSS6AI score0.00895EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2014/04/22 12:0 a.m.14 views

Oracle OpenSSO Multiple XSS Vulnerabilities

Oracle OpenSSO is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7AI score
Exploits0References5
OpenVAS
OpenVAS
added 2014/04/01 12:0 a.m.37 views

WordPress VideoWhisper Live Streaming Integration Multiple Vulnerabilities

WordPress VideoWhisper Live Streaming Integration Plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS7AI score0.1093EPSS
Exploits12References8
OpenVAS
OpenVAS
added 2013/03/20 12:0 a.m.27 views

Debian Security Advisory DSA 2651-1 (smokeping - cross-site scripting vulnerability)

A cross-site scripting vulnerability was discovered in smokeping, a latency logging and graphing system. Input passed to the displaymode parameter was not properly sanitized. An attacker could use this flaw to execute arbitrary HTML and script code in a user's browser session in the context of an...

4.3CVSS5.9AI score0.0134EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/06/19 5:31 a.m.4 views

WEB PATIO vulnerable to cross-site scripting

Overview WEB PATIO contains a cross-site scripting vulnerability. WEB PATIO is a bulletin-board software. WEB PATIO contains a vulnerability in handling web form entries, which may result in cross-site scripting. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated wi...

4.3CVSS5.8AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2012/05/25 6:37 a.m.5 views

RSSOwl vulnerable to arbitrary script execution

Overview RSSOwl is vulnerable to arbitrary script execution. RSSOwl is an RSS/Atom feed reader. RSSOwl is vulnerable to arbitrary script execution due to the improper processing during HTML page output based on feed information. Daiki Fukumori of Cyber Defense Institute, Inc. reported this...

4.3CVSS6.9AI score0.00931EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2012/02/02 12:0 a.m.35 views

SiT! Support Incident Tracker 3.64 XSS / CSRF / SQL Injection

Advisory Details: High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SiT! Support Incident Tracker, which can be exploited to perform SQL injection, cross-site scripting, cross-site request forgery attacks. 1 Input passed via the "start" GET parameter to...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2011/09/28 12:0 a.m.34 views

Traq 2.2 Cross Site Scripting / SQL Injection

Vulnerability ID: HTB23046 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesintraq.html Product: Traq Vendor: Jack Polgar http://traqproject.org/ Vulnerable Version: 2.2 and probably prior Tested Version: 2.2 Vendor Notification: 07 September 2011 Vulnerability Type: XSS, SQL...

Exploits0
Tenable Nessus
Tenable Nessus
added 2011/09/23 12:0 a.m.10 views

phpMyAdmin 3.4.x < 3.4.5 Multiple XSS (PMASA-2011-14)

Binary data 6026.prm...

7.3AI score
Exploits0References1
Packet Storm
Packet Storm
added 2011/09/14 12:0 a.m.43 views

SiT! Support Incident Tracker 3.64 XSS / XSRF / SQL Injection

Vulnerability ID: HTB23043 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinsitsupportincidenttracker.html Product: SiT! Support Incident Tracker Vendor: The Support Incident Tracker Project http://sitracker.org/ Vulnerable Version: 3.64 and probably prior Tested Version: 3.64...

0.2AI score
Exploits0
htbridge
htbridge
added 2011/05/05 12:0 a.m.30 views

Cross-site Scripting (XSS) Vulnerabilities in phpScheduleIt

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in phpScheduleIt which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in phpScheduleIt 1.1 The vulnerability exists due to input sanitation errors in URL in th...

4.3CVSS6.5AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/04/28 12:0 a.m.18 views

Atlassian Confluence 2.x >= 2.7 / 3.x < 3.4.6 Multiple XSS

According to its self-reported version number, the instance of Atlassian Confluence on the remote host is a 2.x version that is 2.7 or later, or else version 3.x prior to 3.4.6. It is, therefore, affected by multiple, cross-site scripting vulnerabilities. Errors in the validation of input data to...

5.2AI score
Exploits0References9
Rows per page
Query Builder