5210 matches found
CVE-2024-25219
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Task Name parameter /TaskManager/Task.php...
CVE-2024-25226
A cross-site scripting XSS vulnerability in Simple Admin Panel App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter under the Add Category function...
Cross site scripting
A cross-site scripting XSS vulnerability in Simple Admin Panel App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter under the Add Category function...
Cross site scripting
Barangay Population Monitoring System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in the Add Resident function at /barangay-population-monitoring-system/masterlist.php. This vulnerabiity allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Cross site scripting
Barangay Population Monitoring System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in the Add Resident function at /barangay-population-monitoring-system/masterlist.php. This vulnerabiity allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Cross site scripting
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Project Name parameter /TaskManager/Projects.php...
Cross site scripting
A cross-site scripting XSS vulnerability in Simple Admin Panel App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Size Number parameter under the Add Size function...
Cross site scripting
A cross-site scripting XSS vulnerability in Simple Admin Panel App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter under the Add Category function...
CVE-2024-25224
A cross-site scripting XSS vulnerability in Simple Admin Panel App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Size Number parameter under the Add Size function...
CVE-2024-25225
A cross-site scripting XSS vulnerability in Simple Admin Panel App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter under the Add Category function...
CVE-2024-25226
A cross-site scripting XSS vulnerability in Simple Admin Panel App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter under the Add Category function...
CVE-2024-25221
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php...
CVE-2024-25219
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Task Name parameter /TaskManager/Task.php...
CVE-2024-25207
Barangay Population Monitoring System v1.0 was discovered to contain a cross-site scripting XSS vulnerability in the Add Resident function at /barangay-population-monitoring-system/masterlist.php. This vulnerabiity allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
TNC PDF viewer < 2.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode
Description The TNC PDF viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 2.8.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-25300
CVE-2024-25300 affects Redaxo v5.15.1, exposing an XSS in the Template section via the Name parameter. The root cause is unsanitized input in Name, allowing arbitrary web scripts/HTML execution. Impact is limited to the affected user/recipient interactions as described (no exploit details provide...
CVE-2024-25226
CVE-2024-25226 : The connected sources consistently describe a Cross-Site Scripting (XSS) vulnerability in Simple Admin Panel App v1.0, exploitable via a crafted payload injected into the Category Name parameter of the Add Category function. Impacted component: the Add Category workflow; vulnerab...
PJ News Ticker <= 6.8.10 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode
Description The PJ News Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 6.8.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
CVE-2024-25219
CVE-2024-25219 affects Task Manager App v1.0. The vulnerability is a cross-site scripting (XSS) flaw in the Task Name parameter of the /TaskManager/Task.php endpoint, enabling attackers to inject and execute arbitrary web scripts/HTML. Affected component: Task Manager App, file /TaskManager/Task....
CVE-2024-1160
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Icon Link in all versions up to, and including, 4.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level and...