Lucene search
K

2049 matches found

CNVD
CNVD
added 2016/12/20 12:0 a.m.1 views

SAP HANA Cockpit Cross-Site Scripting Vulnerability

SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions, users can directly query and analyze a large amount of real-time business data. A cross-site scripting vulnerability exists in SAP HANA. As the program fails to properly filter...

6.7AI score
Exploits0References1
CNVD
CNVD
added 2016/12/16 12:0 a.m.0 views

Cisco AsyncOS Software for Email Security Appliances Cross-Site Scripting Vulnerability

Cisco AsyncOS Software for Email Security Appliances ESA is a set of operating systems used in Email Security Appliances ESA from Cisco USA. A cross-site scripting vulnerability exists in Cisco AsyncOS Software for ESA that stems from a failure to adequately filter user-submitted input. An attack...

6.1CVSS6.6AI score0.0128EPSS
Exploits0References1
CNVD
CNVD
added 2016/12/12 12:0 a.m.3 views

Unspecified Security Bypass Vulnerability in Drupal JavaScript Callback Handler

Drupal is the Drupal community maintained by a set of free , open source content management system developed in PHP language . JavaScript Callback Handler is an efficient Ajax Callback module . An unspecified security bypass vulnerability exists in the Drupal JavaScript Callback Handler module. A...

7.6AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/12/02 5:43 a.m.2 views

WNC01WH vulnerable to stored cross-site scripting

Overview WNC01WH provided by BUFFALO INC. is a network camera. WNC01WH contains a stored cross-site scripting vulnerability. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

4.3CVSS6AI score0.0048EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/11/11 5:49 a.m.3 views

CG-WLR300NX vulnerable to cross-site scripting

Overview CG-WLR300NX provided by Corega Inc is a wireless LAN router. CG-WLR300NX contains a cross-site scripting vulnerability CWE-79. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

4.8CVSS6AI score0.00765EPSS
Exploits0References5
CNVD
CNVD
added 2016/11/09 12:0 a.m.3 views

Multiple IBM Rational Products Cross-Site Scripting Vulnerabilities

IBM Rational Team Concert and Rational Collaborative Lifecycle Management are collaborative lifecycle management solutions from IBM USA.IBM Rational DOORS Next Generation RDNG is a requirements management solution from IBM USA. IBM Rational Engineering Lifecycle Manager is a suite of engineering...

5.4CVSS6.6AI score0.01175EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/18 12:0 a.m.1 views

Magento CMS Flash File Upload Cross-Site Scripting Vulnerability

Magento CMS is an open source PHP e-commerce content management system CMS of the United States Magento company . The system provides rights management , search engine and payment gateway and other functions . An upload cross-site scripting vulnerability exists in Magento CMS Flash files, which c...

6.9AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/10/03 6:43 a.m.4 views

"Schedule" function in Cybozu Office vulnerable to cross-site scripting

Overview Cybozu Office provided by Cybozu,Inc. contains a cross-site scripting vulnerability. Kusano Kazuhiko reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated...

5.4CVSS6AI score0.00964EPSS
Exploits0References6
CNVD
CNVD
added 2016/09/30 12:0 a.m.3 views

BaserCMS cross-site scripting vulnerability (CNVD-2016-08858)

baserCMS is an enterprise-level content management system CMS. A cross-site scripting vulnerability exists in baserCMS 3.0.10 and prior versions, which stems from the program failing to adequately filter user-submitted input. The vulnerability allows an attacker to steal cookie-based authenticati...

5.4CVSS6.8AI score0.00897EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/09/29 12:0 a.m.78 views

JVN#92765814: Multiple vulnerabilities in baserCMS

baserCMS provided by baserCMS User Group is an opensource content management system. baserCMS and bundled plugins "Blog", "Mail", "Feed", and "Uploader" contain the following vulnerabilities. Cross-site request forgery CWE-352 - CVE-2016-4879, CVE-2016-4881, CVE-2016-4884, CVE-2016-4885,...

8.8CVSS7.4AI score0.00944EPSS
Exploits0
CNVD
CNVD
added 2016/09/28 12:0 a.m.13 views

Drupal Core Cross-Site Scripting Vulnerability (CNVD-2016-08263)

Drupal is a free and open source content management system developed in PHP. A cross-site scripting vulnerability exists in Drupal Core that allows an attacker to steal cookie-based authentication credentials, obtain sensitive information, and execute arbitrary script code in the context of the...

6.1CVSS6.8AI score0.01488EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/09/16 5:17 a.m.2 views

Splunk Enterprise and Splunk Light vulnerable to cross-site scripting

Overview Splunk Enterprise and Splunk Light contain a cross-site scripting vulnerability CWE-79. Note that this vulnerability is different from JVN71462075. Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

6.1CVSS6.1AI score0.00631EPSS
Exploits0References5
CNVD
CNVD
added 2016/08/30 12:0 a.m.2 views

TYPO3 'mso/idna-convert' Library Cross-Site Scripting Vulnerability

TYPO3 is a free and open source content management system maintained by the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in TYPO3 'mso/idna-convert'. Because the program fails to filter user-supplied input, an attacker could exploit the vulnerability to execute arbitrary...

6.6AI score
Exploits0References1
CNVD
CNVD
added 2016/08/30 12:0 a.m.1 views

TYPO3 'data:' URL Scheme Cross-Site Scripting Vulnerability

TYPO3 is a free and open source content management system maintained by the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in TYPO3. Because the program fails to properly filter user-supplied input, an attacker may be able to exploit the vulnerability to execute arbitrary...

6.7AI score
Exploits0References1
CNVD
CNVD
added 2016/08/30 12:0 a.m.2 views

WordPress plugin Border Loading Bar cross-site scripting vulnerability (CNVD-2016-07112)

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability in the WordPress plugin Border Loading Bar allows attackers to exploit t...

6.7AI score
Exploits0References1
CNVD
CNVD
added 2016/08/30 12:0 a.m.2 views

WordPress plugin Border Loading Bar cross-site scripting vulnerability (CNVD-2016-07111)

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability in the WordPress plugin Border Loading Bar allows attackers to exploit t...

6.7AI score
Exploits0References1
CNVD
CNVD
added 2016/08/25 12:0 a.m.2 views

ownCloud Desktop Client Local Command Injection Vulnerability

The ownCloud Desktop Client is a desktop client for connecting to OwnCloud servers. The ownCloud Desktop Client local command injection vulnerability allows an attacker to exploit the vulnerability to execute arbitrary script code in the context of an affected application...

8.4CVSS8.6AI score0.00529EPSS
Exploits0References1
CNVD
CNVD
added 2016/08/24 12:0 a.m.3 views

Cybozu Garoon Cross-Site Scripting Vulnerability (CNVD-2016-06713)

Cybozu Garoon is a portal-type OA office system of Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, etc. and supports free switching among three languages Chinese, Japanese, and English. A cross-site scripting vulnerability exists in...

6.1CVSS6.6AI score0.01077EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/08/23 4:37 a.m.2 views

simple chat vulnerable to cross-site scripting

Overview simple chat provided by Let's PHP! contains a cross-site scripting vulnerability CWE-79. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary...

6.1CVSS6AI score0.01176EPSS
Exploits0References5
CNVD
CNVD
added 2016/08/20 12:0 a.m.2 views

ClipBucket cross-site scripting vulnerability (CNVD-2016-06481)

ClipBucket is an open source video sharing software developed by Arslan team. The software allows you to share videos to video sites and supports the lights off effect when watching a movie. ClipBucket suffers from a cross-site scripting vulnerability. Because the program fails to properly filter...

6.1CVSS6.7AI score0.01627EPSS
Exploits0References1
Rows per page
Query Builder