
15 matches found

RedhatCVE
added 2025/11/21 12:18 a.m. · 7 views

CVE-2025-60796

phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting (XSS) vulnerabilities across various components. User-supplied input from $_REQUEST parameters is reflected in HTML output without proper encoding or sanitization in multiple locations including sequences.php, indexes.php, admin.ph...

CVSS 6.1 · AI score 6.4 · EPSS 0.00198
Exploits 0 · References 1

EUVD
added 2025/10/07 12:30 a.m. · 6 views

EUVD-2011-3346

Malware in sbrugna...

CVSS 4.3 · AI score 6.1 · EPSS 0.01029
Exploits 0 · References 3

RedhatCVE
added 2025/05/22 8:46 a.m. · 9 views

CVE-2019-6562

In Philips Tasy EMR, Tasy EMR Versions 3.02.1744 and prior, the software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users...

CVSS 5.4 · AI score 6.8 · EPSS 0.00683
Exploits 0 · References 1

RedhatCVE
added 2025/04/02 9:47 a.m. · 15 views

CVE-2025-2072

A Reflected Cross-Site Scripting (XSS) vulnerability has been discovered in FAST LTA Silent Brick WebUI, allowing attackers to inject malicious JavaScript code into web pages viewed by users. This issue arises when user-supplied input is improperly handled and reflected directly in the output of a...

CVSS 5.1 · AI score 6.2 · EPSS 0.00332
Exploits 0 · References 1

Snyk
added 2025/01/14 6:32 p.m. · 1 views

Cross-site Scripting (XSS)

Overview: org.jboss.hal:hal-core is a Core HAL API. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper neutralization of user-controllable input before it is placed in output that is served as a web page. An attacker can execute arbitrary script in the...

CVSS 8.5 · AI score 5.4 · EPSS 0.00426
Exploits 0 · References 2

ATTACKERKB
added 2025/01/14 6:16 p.m. · 4 views

CVE-2025-23366

A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups...

CVSS 6.5 · AI score 5.4 · EPSS 0.00426
Exploits 0 · References 6

Tenable Nessus
added 2023/08/02 12:0 a.m. · 28 views

Moxa NPort Cross-site Scripting (CVE-2016-9371)

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPor...

CVSS 6.1 · AI score 6.9 · EPSS 0.00826
Exploits 0 · References 3

Huntr
added 2023/06/08 6:35 p.m. · 14 views

Stored XSS vulnerability

Description: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. Proof of Concept 1. Step 1: The user has the right to access and perform the creation of surveys, with the payload...

AI score 6.8
Exploits 0

Positive Technologies
added 2020/12/28 12:0 a.m. · 2 views

PT-2020-17363 · Open Source Matters · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 2.5.0 through 3.9.22 Description: An issue was discovered where the global configuration page does not remove secrets from the HTML output, disclosing the current values. Recommendations: For Joomla! versions 2.5.0 through...

CVSS 7.5 · AI score 6.5 · EPSS 0.01305
Exploits 0 · References 6

OSV
added 2019/05/01 7:29 p.m. · 2 views

CVE-2019-6562

In Philips Tasy EMR, Tasy EMR Versions 3.02.1744 and prior, the software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users...

CVSS 5.4 · AI score 6.1 · EPSS 0.00683
Exploits 0 · References 1

NVD
added 2019/05/01 7:29 p.m. · 19 views

CVE-2019-6562

In Philips Tasy EMR, Tasy EMR Versions 3.02.1744 and prior, the software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users...

CVSS 5.4 · AI score 5.4 · EPSS 0.00683
Exploits 0 · References 1

OSV
added 2018/09/26 7:29 p.m. · 3 views

CVE-2018-8846

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is then served to other users...

CVSS 6.1 · AI score 5.8 · EPSS 0.01259
Exploits 0 · References 3

ATTACKERKB
added 2018/09/26 7:29 p.m. · 3 views

CVE-2018-8846

Philips e-Alert Unit non-medical device, Version R2.1 and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is then served to other users...

CVSS 6.1 · AI score 5.5 · EPSS 0.01259
Exploits 0 · References 4

Prion
added 2017/02/13 9:59 p.m. · 6 views

Cross site scripting

An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. User controlled input is not neutralized prior to being placed in web page output (CROSS-SITE SCRIPTING)...

CVSS 4.3 · AI score 7.1 · EPSS 0.01058
Exploits 0 · References 2

NVD
added 2017/02/13 9:59 p.m. · 10 views

CVE-2016-5811

An issue was discovered in Visonic PowerLink2, all versions prior to October 2016 firmware release. User controlled input is not neutralized prior to being placed in web page output (CROSS-SITE SCRIPTING)...

CVSS 6.1 · AI score 6.2 · EPSS 0.01058
Exploits 0 · References 2