5 matches found
CVE-2017-20209
Nagios Fusion prior to version 4.0.1 is vulnerable to cross-site scripting (XSS) via the Users and Servers pages. The issue arises from insufficient validation or escaping of user-supplied input, potentially allowing an attacker to inject and execute arbitrary script in a victim’s browser. The pr...
CVE-2023-46886
Dreamer CMS before version 4.0.1 is vulnerable to Directory Traversal. Background template management allows arbitrary modification of the template file, allowing system sensitive files to be read...
Dreamer CMS Security Vulnerability
Dreamer CMS is a dreamer content management system developed by Junnan Wang, an individual developer in China. A security vulnerability exists in Dreamer CMS versions prior to 4.0.1, which stems from an arbitrary file download vulnerability in the attachment management office feature...
CVE-2022-31478
The UserTakeOver plugin before 4.0.1 for ILIAS allows an attacker to list all users via the search function...
CVE-2014-9032
Cross-site scripting XSS vulnerability in the media-playlists feature in WordPress before 3.9.x before 3.9.3 and 4.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...