3351 matches found
CVE-2017-8178
Huawei Email APP Vicky-AL00 smartphones with software of earlier than VKY-AL00C00B171 versions has a stored cross-site scripting vulnerability. A remote attacker could exploit this vulnerability to send email that storing malicious code to a smartphone and waiting for a user to access this email...
WordPress Advanced Post Type Ratings 1.1 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Advanced Post Type Ratings Plugin 1.1 DFD Reddcoin Tips Plugin is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to...
Cross site scripting
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
CVE-2017-12323
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
CVE-2017-12320
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
Cross site scripting
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
Cross site scripting
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
Cross site scripting
A vulnerability in the IOS daemon IOSd web-based management interface of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface on an affected device. The vulnerability is due ...
Cross site scripting
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
CVE-2017-12320
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
CVE-2017-12291
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
CVE-2017-12322
The CVE-2017-12322 issue concerns Cisco Registered Envelope Service (cloud-based web interface). Multiple vulnerabilities allow unauthenticated, remote attackers to perform cross-site scripting (XSS) or redirect users to malicious pages due to insufficient validation of user-supplied input. An at...
Adobe Connect Multiple Vulnerabilities (APSB17-35)
Adobe Connect is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:connect"; ifdescription...
WordPress AMP Toolbox 1.9.4 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Credit Ricardo Sanchez Vulnerable AMP Toolbox Plugin 1.9.4 AMP Toolbox Plugin is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...
WordPress Secure HTML5 Video Player 3.14 Cross Site Scripting Vulnerability
WordPress Secure HTML5 Video Player plugin version 3.14 suffers from a cross site scripting vulnerability. Vulnerable Secure HTML5 Video Player Plugin 3.14 Secure HTML5 Video Player Plugin is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize...
Cross site scripting
A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...
CVE-2017-12288
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected device. The vulnerability is due to insufficient validation of user-supplied inp...
Cross site scripting
A vulnerability in the web framework code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of the affected software. The vulnerability is due to insufficient input validation of some parameter...
CVE-2017-12296
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...
Cisco IOS XE Software Web Framework Cross-Site Scripting Vulnerability
A vulnerability in the web framework code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of the affected software. The vulnerability is due to insufficient input validation of some parameter...