Lucene search
K

2049 matches found

CNVD
CNVD
added 2015/11/19 12:0 a.m.2 views

Adobe ColdFusion Cross-Site Scripting Vulnerability (CNVD-2015-07734)

Adobe ColdFusion is a dynamic Web server , its CFML is a programming language , similar to the current JSP in the JSTL. A cross-site scripting vulnerability exists in Adobe ColdFusion. The program fails to adequately filter user-supplied input, allowing remote attackers to execute arbitrary scrip...

4.3CVSS6.7AI score0.03119EPSS
Exploits0References1
CNVD
CNVD
added 2015/11/11 12:0 a.m.3 views

TYPO3 News system extension cross-site scripting vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF maintained by the TYPO3 Association in Switzerland. news system news is one of the extension components that provides press release functionality. A cross-site scripting vulnerability exists in TYPO3 News system extension...

6.7AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/10/09 5:12 a.m.2 views

Dojo Toolkit vulnerable to cross-site scripting

Overview Dojo Toolkit is a software to assist in building web applications. Dojo Toolkit contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

4.3CVSS6AI score0.02224EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/09/03 6:0 a.m.1 views

BBS X102 vulnerable to cross-site scripting

Overview BBS X102 provided by guide-park.com is a bulletin board software. BBS X102 contains a cross-site scripting vulnerability. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on May 26, 2015, it was judged that an advisory for this vulnerabili...

5CVSS6.2AI score0.0095EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/09/03 5:46 a.m.2 views

hitSuji (rktSNS2) vulnetable to cross-site scripting

Overview hitSuji rktSNS2 provided by rakuto.net is an open source SNS software. hitSuji rktSNS2 contains a cross-site scripting vulnerability. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on May 26, 2015, it was judged that an advisory for this...

4.3CVSS6.2AI score0.0095EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/09/03 12:0 a.m.60 views

JVN#24692261: hitSuji (rktSNS2) vulnetable to cross-site scripting

hitSuji rktSNS2 provided by rakuto.net is an open source SNS software. hitSuji rktSNS2 contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Consider stop using hitSuji rktSNS2 0.2.2b Since the developer was unreachable,...

4.3CVSS6.1AI score0.0095EPSS
Exploits0
CNVD
CNVD
added 2015/08/12 12:0 a.m.2 views

WordPress Plugin Eventbrite Tickets Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin Eventbrite Tickets. The vulnerability stems from a failur...

4.3CVSS6.5AI score0.02067EPSS
Exploits2References1
CNVD
CNVD
added 2015/07/28 12:0 a.m.5 views

Joomla! Helpdesk Pro plugin cross-site scripting vulnerability

Joomla! is a well-known content management system in foreign countries. Joomla! is a software system developed using the PHP language coupled with a MySQL database, which can be implemented on a variety of different platforms such as Linux, Windows, MacOSX and so on. Helpdesk Pro plugin version...

5.4CVSS6.7AI score0.02921EPSS
Exploits5References1
CNVD
CNVD
added 2015/07/14 12:0 a.m.2 views

phpLiteAdmin Cross-Site Scripting Vulnerability

phpLiteAdmin is a software developer Dane Iracleous developed a set of PHP implementation and Web-based open-source SQLite database management tool . A cross-site scripting vulnerability exists in phpLiteAdmin. When a user browses the affected website, his browser will execute arbitrary script co...

6.7AI score
Exploits0References1
CNVD
CNVD
added 2015/07/10 12:0 a.m.3 views

IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2015-04462)

IBM WebSphere Portal is a suite of enterprise portal software from IBM. The software creates a platform that connects an organization internally and externally, allowing employees, customers and suppliers to access internal data through the platform. A cross-site scripting vulnerability exists in...

3.5CVSS6.3AI score0.01427EPSS
Exploits0References1
CNVD
CNVD
added 2015/07/10 12:0 a.m.2 views

IBM Jazz Team Server Cross-Site Scripting Vulnerability

IBM Jazz Team Server is a suite of project management tools for use in IBM Rational Jazz Team Collaboration Platform from IBM in the United States. A cross-site scripting vulnerability exists in IBM Jazz Team Server that stems from the program's failure to adequately filter user-submitted input...

3.5CVSS6.5AI score0.00783EPSS
Exploits0References1
CNVD
CNVD
added 2015/07/10 12:0 a.m.4 views

IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2015-04461)

IBM WebSphere Portal is a suite of enterprise portal software from IBM. The software creates a platform that connects the internal and external parts of an organization, allowing employees, customers and suppliers to access internal data through the platform. A cross-site scripting vulnerability...

4.3CVSS6.6AI score0.01805EPSS
Exploits0References1
CNVD
CNVD
added 2015/07/08 12:0 a.m.2 views

WordPress Salem Theme Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. WordPress Salem Theme suffers from a cross-site scripting vulnerability due to the program failing to adequately filter user-supplied input. An attacker is allowed ...

6.8AI score
Exploits0References1
CNVD
CNVD
added 2015/07/08 12:0 a.m.2 views

IBM Business Process Manager Cross-Site Scripting Vulnerability (CNVD-2015-04371)

IBM Business Process Manager BPM is a comprehensive set of business process management platform from IBM in the United States. The platform provides a range of tools related to process modeling, assembly, monitoring and deployment for business. A cross-site scripting vulnerability exists in IBM B...

6.1CVSS6.6AI score0.00713EPSS
Exploits0References1
CNVD
CNVD
added 2015/07/08 12:0 a.m.1 views

WordPress Ultimate Member 'class.p.php' plugin cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Ultimate Member 'class.p.php' plugin due to the program failing to adequately filter user-supplied inpu...

6.8AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/06/05 4:59 a.m.4 views

NetFlow Analyzer vulnerable to cross-site scripting

Overview NetFlow Analyzer provided by Zoho Corporation contains a cross-site scripting vulnerability. Tomoshige Hasegawa, Akihito Mukai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may...

4.3CVSS6.1AI score0.02106EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/05/01 12:0 a.m.30 views

JVN#07538357: EasyCTF vulnerable to cross-site scripting

EasyCTF is a server side CGI used to score CTF Capture The Flag. EasyCTF contains a cross-site scripting vulnerability CWE-79 that can be leveraged by an attacker created account. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the late...

3.5CVSS5.9AI score0.00954EPSS
Exploits0
CNVD
CNVD
added 2015/03/27 12:0 a.m.1 views

Drupal Open Legislation module cross-site scripting vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Open Legislation is one of the open database modules. A cross-site scripting vulnerability exists in the Drupal Open Legislation module, which stems from the program's failure to...

6.7AI score
Exploits0References1
CNVD
CNVD
added 2015/03/27 12:0 a.m.2 views

Softwebs Nepal Fast Chat 'loginprg.asp' Cross-Site Scripting Vulnerability

Softwebs Nepal Fast Chat is a chat software package developed by Softwebs Nepal team. A cross-site scripting vulnerability exists in Softwebs Nepal Fast Chat, which arises from the program's failure to adequately filter user-submitted input. When a user browses the affected site, their browser wi...

6.7AI score
Exploits0References1
CNVD
CNVD
added 2015/03/26 12:0 a.m.3 views

Cross-site scripting vulnerability in Drupal Webform module

Drupal is a developmental CMF Content Management Framework written in the PHP language. A cross-site scripting vulnerability exists in the Drupal Webform module. Because the program fails to properly filter user-supplied text, an attacker can exploit the vulnerability to execute arbitrary script...

3.5CVSS6.9AI score0.01091EPSS
Exploits0References1
Rows per page
Query Builder