CVE-2019-25658

a-Mac Address Change 5.4 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input to registration form fields. Attackers can paste 212 bytes of data into the 'Your Name', 'Your Company', or 'Register Code' fields and click th...

Code-Projects Public Chat Room 代码注入漏洞

Code-Projects Public Chat Room is Code-Projects open source public chat room software. Code-Projects Public Chat Room version 1.0 suffers from a code injection vulnerability, which originates from a cross-site scripting attack due to incorrect manipulation of the chatmsg/yourname parameter in the...

SourceCodester Product Review Rating System Cross-Site Scripting Vulnerability

Product Review Rating System is a product review and rating system. A cross-site scripting vulnerability exists in SourceCodester Product Review Rating System version 1.0, which stems from a cross-site scripting XSS vulnerability in the parameter Your Name/Comment of the component Rate Product...

CVE-2024-24136

The 'Your Name' field in the Submit Score section of Sourcecodester Math Game with Leaderboard v1.0 is vulnerable to Cross-Site Scripting XSS attacks...

PT-2024-20289 · Unknown · Sourcecodester Math Game With Leaderboard

Name of the Vulnerable Software and Affected Versions: Sourcecodester Math Game with Leaderboard version 1.0 Description: The issue concerns a Cross-Site Scripting XSS attack vulnerability. Specifically, the 'Your Name' field in the Submit Score section is affected. This type of attack occurs whe...

My-Blog 跨站请求伪造漏洞

My-Blog is by SpringBoot + Mybatis + Thymeleaf and other technologies to achieve the Java blog system , page beautiful , full-featured , easy to deploy and perfect code . A cross-site request forgery vulnerability exists in My-Blog, which stems from a problem in the file...

GHSA-G688-7J3C-H9F3 Known v1.3.1 Cross-site Scripting

A cross-site scripting XSS vulnerability in Known v1.3.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field. The researcher report indicates that versions 1.3.1 and prior are vulnerable. Version 1.2.2 is the last...

Known v1.3.1 Cross-site Scripting

A cross-site scripting XSS vulnerability in Known v1.3.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field. The researcher report indicates that versions 1.3.1 and prior are vulnerable. Version 1.2.2 is the last...

CVE-2022-31290

A cross-site scripting XSS vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field...

CVE-2022-31290

A cross-site scripting XSS vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field...

CVE-2022-31290

A cross-site scripting XSS vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field...

CVE-2022-31290

A cross-site scripting XSS vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field...

Known 跨站脚本漏洞

Known is an American Known open source social publishing platform. A security vulnerability exists in Known v1.3.1 and below, which stems from the presence of a cross-site scripting XSS vulnerability that allows an authenticated attacker to execute arbitrary web script or HTML via a crafted paylo...

CVE-2006-3538

Multiple cross-site scripting XSS vulnerabilities in demo.php in BeatificFaith Eprayer Alpha allow remote attackers to inject arbitrary web script or HTML via the SRC attribute of a SCRIPT element in the 1 "Your name" field and 2 "Enter Prayer Request here" field...

CVE-2006-1697

Cross-site scripting XSS vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to execute arbitrary web script or HTML via the 1 Your Name, 2 E-Mail, or 3 Comments fields when posting a message...

CVE-2006-1697

Cross-site scripting XSS vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to execute arbitrary web script or HTML via the 1 Your Name, 2 E-Mail, or 3 Comments fields when posting a message...

CVE-2004-1817

Cross-site scripting XSS vulnerability in modules.php in Php-Nuke 7.1.0 allows remote attackers to inject arbitrary web script or HTML via the 1 Your Name field, 2 e-mail field, 3 nicname field, 4 fname parameter, 5 ratenum parameter, or 6 search field...