5210 matches found
CVE-2023-37122
A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...
CVE-2023-37134
A stored cross-site scripting XSS vulnerability in the Basic Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-37135
A stored cross-site scripting XSS vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-37136
A stored cross-site scripting XSS vulnerability in the Basic Website Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-37132
A stored cross-site scripting XSS vulnerability in the custom variables module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-37133
A stored cross-site scripting XSS vulnerability in the Column management module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the custom variables module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the Site Setup module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the Management Custom label module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Cross site scripting
A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...
CVE-2023-37134
A stored cross-site scripting XSS vulnerability in the Basic Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-27225
A cross-site scripting XSS vulnerability in User Registration & Login and User Management System with Admin Panel v3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the first and last name field...
CVE-2023-37136
A stored cross-site scripting XSS vulnerability in the Basic Website Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-37136
A stored cross-site scripting XSS vulnerability in the Basic Website Information module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
PT-2023-25790 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SEACMS version 12.1 Description: A stored cross-site scripting XSS issue in the Site Setup module allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Recommendations: For SEACMS version 12.1, update the Site Setup...
CVE-2023-37124
A stored cross-site scripting XSS vulnerability in the Site Setup module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-37125
A stored cross-site scripting XSS vulnerability in the Management Custom label module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-37124
A stored cross-site scripting XSS vulnerability in the Site Setup module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
FluentSMTP < 2.2.5 - Unauthenticated Stored Cross-Site Scripting
The plugin does not adequately sanitize and escape input in the email subject, making it possible to inject arbitrary web scripts that execute when a user accesses the affected page...
CVE-2023-37125
A stored cross-site scripting XSS vulnerability in the Management Custom label module of SEACMS v12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...