19 matches found
CVE-2023-25440
Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...
CVE-2025-11946
A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site...
EUVD-2025-35010
A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site...
CVE-2025-11946
A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site...
CVE-2025-11946 LogicalDOC Community Edition Add Contact frontend.jsp cross site scripting
A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site...
CVE-2025-11946 LogicalDOC Community Edition Add Contact frontend.jsp cross site scripting
A security flaw has been discovered in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site...
CVE-2025-11946
CVE-2025-11946 affects LogicalDOC Community Edition up to 9.2.1. The issue stems from incorrect handling of parameters in /frontend.jsp (Add Contact Page), where manipulation of First Name/Last Name/Company/Address/Phone/Mobile can trigger cross-site scripting. Remote exploitation is possible, an...
MainWP: Stored Cross-Site Scripting (XSS) in "Add Contact" Name Field – MainWP Plugin
A stored cross-site scripting XSS vulnerability was discovered in the MainWP WordPress plugin. The vulnerability was found in the "Add Contact" Contact Name field, where user input was not properly sanitized before rendering it back into the DOM. As a result, an attacker could inject malicious...
BIT-CIVICRM-2023-25440
Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...
DEBIAN-CVE-2023-25440
Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...
CVE-2023-25440
Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...
UBUNTU-CVE-2023-25440
Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...
PT-2023-20063 · Civicrm +1 · Civicrm +1
Name of the Vulnerable Software and Affected Versions: CiviCRM version 5.59.alpha1 Description: A Stored Cross Site Scripting XSS issue exists in the add contact function, allowing attackers to execute arbitrary code in the first/second name field. Recommendations: For CiviCRM version 5.59.alpha1...
CVE-2023-25440
CVE-2023-25440 affects CiviCRM 5.59.alpha1. The vulnerability is a Stored Cross-Site Scripting (XSS) in the Add Contact function, exploitable via the first/second name fields, enabling an attacker to execute arbitrary scripts when the page loads. Multiple connected sources confirm the issue and r...
Printer Pro 5.4.3 IOS - Persistent Cross-Site Scripting
Printer Pro 5.4.3 IOS - Persistent Cross-Site Scripting Document Title: =============== Printer Pro 5.4.3 IOS - Cross Site Scripting Credits & Authors: ================== TaurusOmar - @TaurusOmar [email protected] taurusomar.blogspot.com Release Date: ============= 2015-08-11 Product & Servi...
Easypush Server Manager Persistent Xss Vulnerability
No description provided by source. Name : Easypush Server Manager Persistent Xss Vulnerability Date : Sept,1 2010 Vendor Url : http://deeproot.in/ Author : Sid3^effects aKa HaRi shellc99atyahoo.com Big hugs : Th3 RDX,Hananbutt special thanks to : r0073r inj3ct0r.com,L0rd...
Easypush Server Manager Persistent Xss Vulnerability
Exploit for php platform in category web applications ==================================================== Easypush Server Manager Persistent Xss Vulnerability ==================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' ...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Sun Java System Communications Express 6 2005Q4 aka 6.2 and 6.3 allow remote attackers to inject arbitrary web script or HTML via 1 the abpersondisplayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Addres...
CVE-2009-1729
Multiple cross-site scripting XSS vulnerabilities in Sun Java System Communications Express 6 2005Q4 aka 6.2 and 6.3 allow remote attackers to inject arbitrary web script or HTML via 1 the abpersondisplayName parameter to uwc/abs/search.xml in the Add Contact implementation in the Personal Addres...