Moodle 2.8.x < 2.8.10 / 2.9.x < 2.9.4 / 3.0.x < 3.0.2 XSS

Binary data 9192.prm...

Cisco Unified Communications Domain Manager Cross-Site Scripting Vulnerability

A vulnerability in the Cisco Unified Communications Domain Manager Unified CDM could allow an authenticated, remote attacker to execute a cross-site scripting XSS attack. The vulnerability is due to insufficient input validation of user-supplied input. An attacker could exploit this vulnerability...

Apache ActiveMQ 5.x < 5.13.2 Multiple Vulnerabilities

The version of Apache ActiveMQ running on the remote host is 5.x prior to 5.13.2. It is, therefore, affected by multiple vulnerabilities : - A clickjacking vulnerability exists in the web-based administration console due to not setting the X-Frame-Options header in HTTP responses. A remote attack...

Sophos UTM URL Reflected XSS Vulnerability

Sophos UTM is prone to a reflected cross-site scripting XSS vulnerability. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

phpMyAdmin 4.5.x < 4.5.4 Multiple Vulnerabilities (PMASA-2016-8, PMASA-2016-9)

According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.5.x prior to 4.5.4. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists in multiple scripts that allows a remote attacker, via ...

ManageEngine Firewall Analyzer 8.5 - Multiple Vulnerabilities

Exploit for windows platform in category web applications ================================================================ ManageEngine Firewall Analyzer 8.5– Privilege Escalation Vulnerability ================================================================ Description : Vulnerability Type :...

Fortinet FortiWeb 5.1.2 < 5.3.5 Autolearn Configuration Multiple XSS

The remote FortiWeb device is running a software version greater than or equal to 5.1.2 and less than 5.3.5. It is, therefore, affected by multiple cross-site scripting vulnerabilities due to improper validation of user-supplied input to the autolearn configuration page. An attacker can exploit...

Google Chrome Security Bypass Vulnerability (Feb 2016) - Linux

Google Chrome is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

Google Chrome Security Bypass Vulnerability (Feb 2016) - Mac OS X

Google Chrome is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

Google Chrome Security Bypass Vulnerability (Feb 2016) - Windows

Google Chrome is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

Cisco Unity Connection Web Framework Cross-Site Scripting Vulnerability

A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to execute a cross-site scripting XSS attack. The vulnerability is due to insufficient input validation of user-supplied input. An attacker could exploit this vulnerability by convincing...

WordPress 'theme' Parameter Cross Site Scripting Vulnerability (Jan 2016) - Linux

WordPress is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress 'theme' Parameter Cross Site Scripting Vulnerability (Jan 2016) - Windows

WordPress is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress < 4.4.1 class-wp-theme.php XSS

According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.4.1. It is, therefore, affected by a cross-site scripting XSS vulnerability due to improper validation of user-supplied input to the file wp-includes/class-wp-theme.php before...

Atlassian Confluence XSS and Insecure Direct Object Reference Vulnerabilities

Atlassian Confluence is prone to cross site scripting and insecure direct object reference vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Mozilla Firefox Multiple Vulnerabilities (Dec 2015) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

SurgeFTP Multiple XSS Vulnerabilities (Nov 2015) - Active Check

SurgeFTP Server is prone to multiple stored cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

OSSEC Web UI 'searchid' Parameter Cross Site Scripting Vulnerability

OSSEC Web UI is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Microsoft Edge XSS Filter CVE-2015-6176 Security Bypass Vulnerability

Description Microsoft Edge is prone to a security-bypass vulnerability that affects the XSS Filter. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. An attacker can exploit this issue to execute arbitrary script code in the...

Microsoft Internet Explorer XSS Filter CVE-2015-6138 Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability that affects the XSS Filter. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. They can then execute arbitrary script code in the context of th...