109 matches found
Wordpress Cross-Site Scripting Vulnerability (CNVD-2019-45160)
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. Wordpress suffers from a cross-site scripting vulnerability. It allows an attacker to insert malicious js code into a page to...
Stored Cross-Site Scripting Vulnerability in New Jincheng Career Development Education Platform
JC Career Development Education Platform CDEP for short is a network implementation platform for career development education work of universities, colleges and universities, authorities and education and training institutions in China. A stored cross-site scripting vulnerability exists in the ne...
Stored Cross-Site Scripting Vulnerability in Morphology Digital Lab Teaching Platform Frontend
Morphology digital experimental teaching platform is a virtual reality system with the core of computer virtual reality and digital simulation technology, supported by biosimulation engine, processing factor database, virtual environment interface and other technologies. Morphology digital...
Cross site scripting
All versions up to V20.18.40.R7.B1of ZTE NetNumen DAP product have an XSS vulnerability. Due to the lack of correct validation of client data in WEB applications, which results in users being hijacked...
WordPress Download Manager Cross-Site Scripting Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Download Manager. An attacker can insert malicious js code into the...
Stored cross-site scripting vulnerability in JYmusic frontend (CNVD-2019-13271)
JYmusic is an open source cross-platform music management system. JYmusic frontend has a stored cross-site scripting vulnerability, an attacker can insert malicious js code in the page to obtain user cookies and other information, resulting in user hijacking...
Stored cross-site scripting vulnerability in JYmusic frontend (CNVD-2019-13272)
JYmusic is an open source cross-platform music management system. JYmusic frontend has a stored cross-site scripting vulnerability, an attacker can insert malicious js code in the page to obtain user cookies and other information, resulting in user hijacking...
Stored cross-site scripting vulnerability in JYmusic frontend (CNVD-2019-13273)
JYmusic is an open source cross-platform music management system. JYmusic frontend has a stored cross-site scripting vulnerability, an attacker can insert malicious js code in the page to obtain user cookies and other information, resulting in user hijacking...
Stored cross-site scripting vulnerability in WODECMS front-end ne***.cl***.php file
WODECMS is a content management system developed based on a self-developed PHP development framework. A stored cross-site scripting vulnerability exists in the WODECMS front-end ne.cl.php file. An attacker can insert malicious js code into the page to obtain user cookies and other information,...
City Union website building system message platform exists xss vulnerability
City Union is a local portal alliance website organized by Beijing City Union Technology Co. City Union forum system message platform there are xss vulnerabilities, attackers use loopholes in the page to insert malicious js code, access to user cookies and other information, resulting in user...
Stored Cross-Site Scripting Vulnerability in Cloud Platform for Smart Government Construction
River network is a key news website in Henan Province, is agreed by the Henan Provincial Party Committee and Provincial Government, approved by the State Council Information Office, in the integration of the province's news and information resources based on the Henan newspaper network, the...
Storage-based Cross-site Scripting Vulnerability in the Website Building System of Guangdong Baicheng Talent Network Co.
Guangdong Baicheng Talent Network Co., Ltd. is an internet human resource service platform. A stored cross-site scripting vulnerability exists in the website building system of Guangdong Baicheng Talent Network Co. An attacker can insert malicious js code into the page to obtain user cookies and...
Stored Cross-Site Scripting Vulnerability in "I want to submit a paper" in the background of Daimi CMS
DAMI CMS is a PC building station and cell phone building station integrated all-in-one system. A stored cross-site scripting vulnerability exists in the "I want to submit" section of the backend of Daimi CMS. An attacker can insert malicious js code into the page to obtain user cookies and other...
Wchat PHP AJAX Chat Script Cross-Site Scripting Vulnerability
Wchat is a responsive PHP ajax inbox messaging chat WebApp for websites, mobile apps and control panels. A cross-site scripting vulnerability exists in Wchat PHP AJAX Chat Script. An attacker can insert malicious js code into a page to obtain user cookies and other information, leading to user...
Stored Cross-site Scripting Vulnerability in XYCMS Nursing Home Building System
XYCMS Nursing Home Building System is a nursing home building system designed for nursing homes. A stored cross-site scripting vulnerability exists in XYCMS Nursing Home Building System. An attacker can insert malicious js code into a page to obtain user cookies and other information, leading to...
Cross-site Scripting Vulnerability in YXcms
YXCMS is an efficient website management system built on PHP+MYSQL. A cross-site scripting vulnerability exists in YXcms version 1.4.7. An attacker can insert malicious js code into a page to obtain user cookies and other information, leading to user hijacking...
Stored Cross-Site Scripting Vulnerability in YzmCMS v3.8
YzmCMS is a lightweight and open source content management system based on PHP+Mysql architecture, running on Linux, Windows, MacOSX, Solaris and other platforms. A stored cross-site scripting vulnerability exists in YzmCMS v3.8. Attackers can insert malicious js code in the page to obtain user...
Stored Cross-site Scripting and SQL Injection Vulnerabilities in YXcms Backend Membership Management System
YXCMS is an efficient website management system built on PHP+MYSQL. A stored cross-site scripting and SQL injection vulnerability exists in the YXcms backend member management system. An attacker can exploit the vulnerabilities to obtain information such as database information and user cookies,...
Cross-Site Scripting Vulnerability in HDWIKI
HDWIKI is a free website builder, self-service website builder program developed by Interactive Encyclopedia. HDWIKI suffers from a cross-site scripting vulnerability. An attacker can insert malicious XSS code into a page to obtain user cookies and other information, leading to user hijacking...
XSS Vulnerability in StartBBS Lightweight Micro Community System at Postings
StartBBS Lightweight Micro Community System is an elegant, open source, lightweight community system based on Thinkphp 5.15 & Layui, with its own article system. StartBBS lightweight micro-community system v2.0.0 version of the posting at the storage-type XSS vulnerability, the attacker can inser...