Lucene search
K

2049 matches found

Prion
Prion
added 2022/04/04 2:15 p.m.21 views

Cross site scripting

A cross-site scripting XSS vulnerability in /public/admin/index.php?adduser at Ecommerce-Website v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username text field...

3.5CVSS4.9AI score0.00976EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2022/04/01 12:0 a.m.4 views

Total.js 跨站脚本漏洞

Total Avengers Totaljs Framework is a Javascript-based code base for building web, desktop, service or IoT applications from Total Avengers, Slovakia. The application is similar to PHPs Laravel, Pythons Django, ASP.NET MVC for building Node applications.A cross-site scripting vulnerability exists...

4.8CVSS5.7AI score0.00532EPSS
Exploits1References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/03/15 12:0 a.m.50 views

JVN#87751554: Multiple vulnerabilities in pfSense

pfSense software provided by Netgate contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2021-20729 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:M/Au:N/C:N/I:P/A:N| Base Score: 4.3 Improper...

8.8CVSS8.3AI score0.04229EPSS
Exploits0
NVD
NVD
added 2022/03/01 2:15 a.m.14 views

CVE-2022-25020

A cross-site scripting XSS vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post...

5.4CVSS0.01192EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/02/25 12:0 a.m.3 views

Notimoo 跨站脚本漏洞

Notimoo is a method for web developers to display notifications to users. PaquitoSoftware Notimoo suffers from a cross-site scripting vulnerability that can be exploited by attackers to execute arbitrary web script or HTML via a carefully crafted header or message in a notification...

6.1CVSS5.5AI score0.00611EPSS
Exploits1References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/02/17 6:20 a.m.3 views

Multiple vulnerabilities in phpUploader

Overview phpUploader provided by Dojin Club MICMNIS contains multiple vulnerabilities listed below. Cross-site scripting CWE-79 - CVE-2022-24435 SQL Injection CWE-89 - CVE-2022-23986 Toyama Taku reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under Information...

7.5CVSS7.4AI score0.01664EPSS
Exploits0References8
Prion
Prion
added 2022/02/15 2:15 p.m.13 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in the component /core/admin/categories.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content and thumbnail parameters...

3.5CVSS5.2AI score0.00736EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/15 12:0 a.m.6 views

CVE-2022-24227

A cross-site scripting XSS vulnerability in BoltWire v7.10 and v 8.00 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the name and lastname parameters...

5.9AI score0.02221EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/02/15 12:0 a.m.3 views

PluXml 安全漏洞

PluXml is a free and open source content management system that does not require a database to work. PluXml suffers from a cross-site scripting vulnerability that can be exploited by an attacker to execute arbitrary web script or HTML...

5.4CVSS5.9AI score0.00732EPSS
Exploits1References2
NVD
NVD
added 2022/01/28 8:15 p.m.17 views

CVE-2021-22813

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to an edit policy file. Affected Products:...

6.1CVSS0.00745EPSS
Exploits0References1
OSV
OSV
added 2022/01/28 8:15 p.m.1 views

CVE-2021-22812

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC. Affected Products: 1-Phase Uninterruptible Power...

6.1CVSS6.5AI score0.00745EPSS
Exploits0References1
Prion
Prion
added 2022/01/28 8:15 p.m.20 views

Cross site scripting

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC. Affected Products: 1-Phase Uninterruptible Power...

4.3CVSS6.2AI score0.00745EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2022/01/28 8:15 p.m.23 views

Cross site scripting

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists which could cause arbritrary script execution when a malicious file is read and displayed. Affected Products: 1-Phase Uninterruptible Power Supply UPS using NMC2 including Smart-UPS,...

4.3CVSS6.2AI score0.00745EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2022/01/28 7:9 p.m.20 views

CVE-2021-22810

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to a delete policy file. Affected Products:...

6.4AI score0.00749EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/27 12:0 a.m.5 views

GLPI 跨站脚本漏洞

GLPI is an open source IT and asset management software for individual developers. The software provides a full-featured IT resource management interface that you can use to build a database to fully manage IT computers, monitors, servers, printers, network devices, phones, even toner cartridges...

6.1CVSS5.7AI score0.0096EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2021/11/16 4:38 a.m.2 views

rwtxt vulnerable to cross-site scripting

Overview rwtxt provided by Zack Scholl is a light-weight content management system CMS that enables to share and/or view any text saved online. rwtxt contains a cross-site scripting vulnerability CWE-79. Ito Reo of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/C...

6.1CVSS5.9AI score0.00877EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/11/16 12:0 a.m.4 views

Ruijie Rg-Uac 跨站脚本漏洞

Ruijie Rg-Uac is an Internet behavior management and auditing product from China Ruijie Networks Ruijie. It is used to solve Internet auditing problems. A security vulnerability exists in the Ruijie RG-UAC 6000-E50 commit 9071227, which can be exploited by an attacker to execute arbitrary web...

6.1CVSS6.7AI score0.00562EPSS
Exploits0References2
Prion
Prion
added 2021/11/03 6:15 p.m.17 views

Cross site scripting

ED01-CMS v1.0 was discovered to contain a reflective cross-site scripting XSS vulnerability in the component sposts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Post title or Post content fields...

4.3CVSS5.9AI score0.00621EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/10/28 12:0 a.m.2 views

Tiki Wiki 跨站脚本漏洞

Tiki Wiki is a Php-based wiki system for the Tiki community. A security vulnerability exists in TikiWiki v21.4, which allows an attacker to execute arbitrary web script or HTML by adding a payload under the Events module...

5.4CVSS6.1AI score0.00487EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/10/28 12:0 a.m.3 views

Tiki Wiki 跨站脚本漏洞

Tiki Wiki is a Php-based wiki system for the Tiki community. A security vulnerability exists in TikiWiki v21.4 that allows an attacker to execute arbitrary web script or HTML via a crafted payload under the Create Category module...

5.4CVSS6.2AI score0.00487EPSS
Exploits1References2
Rows per page
Query Builder