Lucene search
K

2049 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/08/19 5:13 a.m.4 views

Geeklog IVYWE edition contains a cross-site scripting vulnerability

Overview Geeklog is an open source content management system CMS. Geeklog IVYWE edition contains a cross-site scripting CWE-79 vulnerability. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

6.1CVSS6AI score0.01307EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/08/18 5:9 a.m.2 views

ClipBucket vulnerable to cross-site scripting

Overview Clipbucket is open source video sharing script. ClipBucket contains a cross-site scripting CWE-79 vulnerability. Yoshinori Matsumoto of Kobe Digital Labo, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnershi...

6.1CVSS6.1AI score0.01627EPSS
Exploits0References7
CNVD
CNVD
added 2016/08/16 12:0 a.m.4 views

Foreman HTML Injection Vulnerability

Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. An HTML injection vulnerability exists in Foreman, which arises from the program's failure to adequately...

6.1CVSS8.8AI score0.0196EPSS
Exploits0References1
CNVD
CNVD
added 2016/07/28 12:0 a.m.1 views

Multiple Vulnerabilities in Cube Digital Media Neoscreen

The Cube Digital Media Neoscreen is a smart display from the French company Cube Digital Media. A security vulnerability exists in Cube Digital Media Neoscreen version 4.5. An attacker can exploit this vulnerability to execute arbitrary script code in the context of an affected site, steal...

7.7AI score
Exploits0References1
CNVD
CNVD
added 2016/07/28 12:0 a.m.2 views

Huawei ISM Professional Cross-Site Scripting Vulnerability

Huawei ISM is a suite of device management software, cloud storage management software, and network storage management software from Huawei, China.Huawei ISM Professional is the professional version of Huawei ISM. A cross-site scripting vulnerability exists in Huawei ISM Professional that...

6.7AI score
Exploits0References1
CNVD
CNVD
added 2016/06/24 12:0 a.m.3 views

Multiple cross-site scripting vulnerabilities in phpMyAdmin (CNVD-2016-04309)

phpmyadmin is an online management tool for MySQL databases. A cross-site scripting vulnerability exists in phpmyadmin versions 4.4.x and 4.6.x in the user permissions page and the user group function, which can be exploited by an attacker to execute arbitrary scripts across sites...

6.1CVSS9AI score0.0132EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/06/03 12:0 a.m.11 views

ZeewaysCMS Multiple Vulnerabilities

ZeewaysCMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:zeewayscms:zeeway"; ifdescriptio...

7.8AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/06/02 7:18 a.m.2 views

Trend Micro Internet Security vulnerable to arbitrary script execution

Overview Trend Micro Internet Security provided by Trend Micro Incorporated contains a vulnerability that may allow arbitrary script execution. According to the developer, attempts to exploit the vulnerability will not succeed from external networks when the default settings are used. Trend Micro...

6.1CVSS6.9AI score0.01636EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/06/02 12:0 a.m.33 views

JVN#48789425: Trend Micro Internet Security multiple vulnerabilities

Trend Micro Internet Security provided by Trend Micro Incorporated contains the following vulnerabilities. Access Restriction Flaw - CVE-2016-1225 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 5.3 CVSS v2| AV:N/AC:L/Au:N/C:P/I:N/A:N| Base...

6.5CVSS6.8AI score0.03462EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/05/25 5:37 a.m.2 views

WordPress plugin "Markdown on Save Improved" vulnerable to cross-site scripting

Overview The WordPress plugin "Markdown on Save Improved" contains a stored cross-site scripting CWE-79 vulnerability. Kenta Yamamoto of Cryptography Laboratory,Department of Information and Communication Engineering, Graduate School of Tokyo Denki University reported this vulnerability to IPA...

6.1CVSS5.9AI score0.01511EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/05/24 3:24 a.m.3 views

HumHub vulnerable to cross-site scripting

Overview HumHub is a software framework for developing a social networking service SNS. HumHub contains a cross-site scripting vulnerability. Satoru Nagaoka of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Ear...

5.4CVSS6AI score0.01129EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/05/16 5:48 a.m.2 views

a-blog cms vulnerable to cross-site scripting

Overview a-blog cms provided by appleple Inc. is a content management system CMS. a-blog cms contains a cross-site scripting vulnerability in the standard template of the comment functionality. Yuya Yoshida of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC...

6.1CVSS6AI score0.01195EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/05/12 5:34 a.m.5 views

WN-G300R Series vulnerable to cross-site scripting

Overview WN-G300R Series provided by I-O DATA DEVICE, INC. contains a cross-site scripting vulnerability. WN-G300R Series provided by I-O DATA DEVICE, INC. is a wireless LAN router. WN-G300R Series contains a stored cross-site scripting vulnerability CWE-79. Satoshi Ogawa of Mitsui Bussan Secure...

5.4CVSS6.1AI score0.00802EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/04/06 6:29 a.m.3 views

baserCMS plugin "Recruit Plugin" vulnerable to cross-site scripting

Overview baserCMS plugin "Recruit Plugin" contains a cross-site scripting vulnerability. CWE-79 Takaesu Isao of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

6.1CVSS6.1AI score0.01009EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2016/04/06 12:0 a.m.13 views

Disc Organization System (DORG) Multiple Vulnerabilities

Disc Organization System DORG is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dorg:dorg";...

7.3AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/02/15 12:56 a.m.2 views

Microsoft Producer for Microsoft Office PowerPoint vulnerable to cross-site scripting

Overview Microsoft Producer for Microsoft Office PowerPoint may create a web page which contains a DOM-based cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Microsoft Producer for Microsoft Office PowerPoint...

4.7CVSS6.2AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/01/29 4:50 a.m.1 views

Vine MV vulnerable to cross-site scripting

Overview Vine MV contains a cross-site scripting vulnerability CWE-79. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the user's web browser. Solution Updat...

6.1CVSS6AI score0.01417EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2016/01/27 5:40 a.m.3 views

HOME SPOT CUBE vulnerable to cross-site scripting

Overview HOME SPOT CUBE provided by KDDI CORPORATION is a wireless LAN router. HOME SPOT CUBE contains a cross-site scripting vulnerability. Masaki Yoshikawa of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

5.4CVSS6.2AI score0.00802EPSS
Exploits0References5
CNVD
CNVD
added 2015/11/27 12:0 a.m.1 views

OcProducts OcPortal 'FIELD_NAME' Parameter Cross-Site Scripting Vulnerability

OcProducts ocPortal is an open source PHP and MySQL based Content Management System CMS from OcProducts. A cross-site scripting vulnerability exists in OcProducts OcPortal. An attacker can exploit this vulnerability to execute arbitrary script code, steal cookie-based authentication and launch...

6.8AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/20 4:38 a.m.1 views

Void vulnerable to cross-site scripting

Overview Void is an open source content management system CMS. Void contains a cross-site scripting vulnerability CWE-79. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA under Information Security Early Warning Partnership. Impact An arbitrary script may be...

4.3CVSS6AI score0.01786EPSS
Exploits0References5
Rows per page
Query Builder