2049 matches found

Vulnrichment
added 2023/04/19 12:0 a.m. · 8 views

CVE-2023-27777

Cross-site scripting (XSS) vulnerability was discovered in Online Jewelry Shop v1.0 that allows attackers to execute arbitrary script via a crafted URL...

AI score 5.5 · EPSS 0.00365
Exploits 0 · References 1
CVE
added 2023/04/18 11:38 p.m. · 53 views

CVE-2023-29522

CVE-2023-29522 affects XWiki Platform. Any user with view rights can execute arbitrary script macros (Groovy/Python) that enable remote code execution and unrestricted read/write access to wiki contents. The attack is triggered by opening a non-existing page whose name contains a dangerous payloa...

CVSS 9.9 · AI score 9.6 · EPSS 0.01864
Exploits 1 · References 3 · Affected Software 1
Japan Vulnerability Notes
added 2023/04/17 5:19 a.m. · 2 views

Joruri Gw vulnerable to cross-site scripting

Overview: Joruri Gw provided by SiteBridge Inc. is groupware. Message Memo function of Joruri Gw contains a cross-site scripting vulnerability (CWE-79). Tsutomu Aramaki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

CVSS 5.4 · AI score 6 · EPSS 0.0045
Exploits 0 · References 5
CNNVD
added 2023/04/17 12:0 a.m. · 3 views

Joruri Gw cross-site scripting vulnerability

Joruri Gw is a web portal of Joruri Inc. A security vulnerability exists in Joruri Gw. An attacker can exploit the vulnerability to execute arbitrary scripts...

CVSS 5.4 · AI score 6.1 · EPSS 0.0045
Exploits 0 · References 4
Vulnrichment
added 2023/04/11 12:0 a.m. · 7 views

CVE-2023-26846

A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the city parameter at opencats/index.php?m=candidates...

AI score 5.2 · EPSS 0.00412
Exploits 0 · References 2
CNNVD
added 2023/04/10 12:0 a.m. · 3 views

LiveAction LiveSP cross-site scripting vulnerability

LiveAction LiveSP is a network monitoring software for service providers from LiveAction. A security vulnerability exists in LiveAction LiveSP version v21.1.2. An attacker can exploit the vulnerability to execute arbitrary web script or HTML...

CVSS 5.4 · AI score 6.2 · EPSS 0.00459
Exploits 1 · References 3
Prion
added 2023/04/05 4:15 p.m. · 19 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Prime Infrastructure Software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient...

CVSS 5.8 · AI score 6 · EPSS 0.0047
Exploits 0 · References 1 · Affected Software 1
Exploit DB
added 2023/04/05 12:0 a.m. · 207 views

CKEditor 5 35.4.0 - Cross-Site Scripting (XSS)

Exploit Title: CKEditor 5 35.4.0 - Cross-Site Scripting (XSS) Google Dork: N/A Date: February 09, 2023 Exploit Author: Manish Pathak Vendor Homepage: https://cksource.com/ Software Link: https://ckeditor.com/ckeditor-5/download/ Version: 35.4.0 Tested on: Linux / Web CVE : CVE-2022-48110 CKSource...

CVSS 6.1 · AI score 6.6 · EPSS 0.02097
Exploits 4
Vulnrichment
added 2023/03/27 12:0 a.m. · 5 views

CVE-2023-27245

A cross-site scripting (XSS) vulnerability in File Management Project 1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Edit User module...

AI score 5.9 · EPSS 0.00429
Exploits 1 · References 1
OpenVAS
added 2023/03/27 12:0 a.m. · 20 views

Debian: Security Advisory (DLA-3368-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 · AI score 7.2 · EPSS 0.04354
Exploits 0 · References 4
Debian
added 2023/03/26 9:5 p.m. · 26 views

[SECURITY] [DLA 3368-1] libreoffice security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3368-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucaries March 26, 2023 https://wiki.debian.org/LTS -...

CVSS 8.8 · AI score 8.7 · EPSS 0.04354
Exploits 0
Cvelist
added 2023/03/24 3:57 p.m. · 38 views

CVE-2022-47502 Apache OpenOffice: Macro URL arbitrary script execution

Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In the affected...

AI score 8.2 · EPSS 0.00958
Exploits 0 · References 4
CVE
added 2023/03/24 3:57 p.m. · 85 views

CVE-2022-47502

Apache OpenOffice

CVSS 7.8 · AI score 7.9 · EPSS 0.00958
Exploits 0 · References 4 · Affected Software 1
CNNVD
added 2023/03/22 12:0 a.m. · 7 views

Aruba Networks ClearPass Policy Manager cross-site scripting vulnerability

Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. A security vulnerability exists in Aruba Networks ClearPass Policy Manager that originates from the presence of Reflective Cross Site Scripting (XSS), whic...

CVSS 7.1 · AI score 6.7 · EPSS 0.00473
Exploits 0 · References 2
Prion
added 2023/03/16 10:15 p.m. · 15 views

Cross site scripting

A cross-site scripting (XSS) vulnerability in the Edit Group function of ChurchCRM v4.5.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit Group Name text field...

CVSS 4.9 · AI score 5.3 · EPSS 0.00379
Exploits 1 · References 1 · Affected Software 1
Vulnrichment
added 2023/03/14 12:0 a.m. · 8 views

CVE-2023-27070

A stored cross-site scripting (XSS) vulnerability in TotalJS OpenPlatform commit b80b09d allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field...

AI score 5.3 · EPSS 0.00521
Exploits 1 · References 3
Vulnrichment
added 2023/03/10 12:0 a.m. · 6 views

CVE-2022-48111

A cross-site scripting (XSS) vulnerability in the checklogin function of SIPE s.r.l WI400 between version 8 and 11 included allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the f parameter...

AI score 5.9 · EPSS 0.00653
Exploits 1 · References 5
Vulnrichment
added 2023/03/09 12:0 a.m. · 5 views

CVE-2023-27211

A cross-site scripting (XSS) vulnerability in /admin/navbar.php of Online Pizza Ordering System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the page parameter...

AI score 5.9 · EPSS 0.00434
Exploits 1 · References 2
Positive Technologies
added 2023/03/09 12:0 a.m. · 4 views

PT-2023-21009 · Unknown · Online Pizza Ordering System

Name of the Vulnerable Software and Affected Versions: Online Pizza Ordering System version 1.0 Description: A cross-site scripting (XSS) issue in the /admin/navbar.php endpoint of the Online Pizza Ordering System allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS 6.1 · AI score 6 · EPSS 0.00434
Exploits 1 · References 6
CNNVD
added 2023/03/01 12:0 a.m. · 4 views

Cisco Nexus Dashboard cross-site scripting vulnerability

Cisco Nexus Dashboard is a single console from Cisco of the United States. It simplifies the operation and management of data center networks. A security vulnerability exists in Cisco Nexus Dashboard, which stems from a security issue in the web-based management interface that does not adequately...

CVSS 6.1 · AI score 6.7 · EPSS 0.00519
Exploits 0 · References 2