RosarioSIS cross-site scripting vulnerability (CNVD-2020-42951)

RosarioSIS is a student information system for school management. A cross-site scripting vulnerability exists in RosarioSIS 6.7.2. The vulnerability stems from improper validation of user-supplied input in the Search.inc.php script. A remote attacker can exploit the vulnerability by using the...

PT-2009-4665

Name of the Vulnerable Software and Affected Versions DirectAdmin versions 1.33.6 and earlier Description A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request. This occurs due to a vulnerability in CMD...