52 matches found
PT-2022-14796 · Unknown · Pandora Fms
Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 7.0NG.761 and below Description: The issue concerns a Stored Cross Site-Scripting vulnerability in the agent creation section, specifically affecting the alias parameter. This can be exploited by an attacker with...
CVE-2022-2059
In Pandora FMS v7.0NG.761 and below, in the agent creation section, the alias parameter is vulnerable to a Stored Cross Site-Scripting. This vulnerability can be exploited by an attacker with administrator privileges logged in the system...
CVE-2021-28054
An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting XSS issue in "Configuration Hosts" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter...
CVE-2021-28054
An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting XSS issue in "Configuration Hosts" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter...
Cross site scripting
An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting XSS issue in "Configuration Hosts" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter...
UBUNTU-CVE-2021-28054
An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting XSS issue in "Configuration Hosts" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter...
PT-2020-13709 · Dolibarr · Dolibarr
Name of the Vulnerable Software and Affected Versions: Dolibarr version 11.0.4 Description: The issue concerns multiple stored Cross-Site Scripting XSS vulnerabilities. These could allow remote authenticated attackers to inject arbitrary web script or HTML. This can be done via several API...
PrestaShop cross-site scripting vulnerability (CNVD-2020-25940)
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. A cross-site scripting vulnerability exists in the 'alias' and 'search' parameters of...
Design/Logic Flaw
ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admincategory/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection...
CVE-2019-7580
ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admincategory/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection...
Open Source Solutions ViMbAdmin Cross-Site Scripting Vulnerability
Open Source Solutions ViMbAdmin is an open source Web-based virtual mailbox management system from Open Source Solutions, Ireland. The system supports administrators to manage domains , mail and aliases and so on. A cross-site scripting vulnerability exists in Open Source Solutions ViMbAdmin...
CVE-2006-6604
Directory traversal vulnerability in downloaddetails.php in TorrentFlux 2.2 allows remote authenticated users to read arbitrary files via .. dot dot sequences in the alias parameter, a different vector than CVE-2006-6328...