Lucene search
K

2049 matches found

CNVD
CNVD
added 2015/03/11 12:0 a.m.2 views

Drupal Trick Question module cross-site scripting vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Trick Question is one of the CAPTCHA type spam defense modules. A cross-site scripting vulnerability exists in the Drupal Trick Question module. The vulnerability is due to the program...

3.5CVSS6.8AI score0.00965EPSS
Exploits0References1
CNVD
CNVD
added 2015/03/06 12:0 a.m.4 views

Multiple Cross-Site Scripting Vulnerabilities in PHP Address Book

PHP Address Book is a simple Web-based address book , contact management application developed in PHP . PHP Address Book suffers from multiple cross-site scripting vulnerabilities that could be exploited by an attacker to execute arbitrary web script or HTML in the context of an affected site...

4.3CVSS6.4AI score0.01526EPSS
Exploits1References1
CNVD
CNVD
added 2015/03/05 12:0 a.m.2 views

Loxone Smart Home HTML Injection Vulnerability

Loxone Smart Home is a WEB-based application. Loxone Smart Home suffers from an HTML injection vulnerability that could be exploited by an attacker to execute arbitrary HTML script and code in the context of the affected application...

7.7AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/03/04 5:49 a.m.1 views

Maroyaka Image Album vulnerable to cross-site scripting

Overview Maroyaka Image Album provided by Maroyaka CGI is a CGI script for placing image files within a website. Maroyaka Image Album contains a cross-site scripting vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/03/04 5:48 a.m.0 views

Maroyaka Simple Board vulnerable to cross-site scripting

Overview Maroyaka Simple Board provided by Maroyaka CGI is a CGI script for posting text into a website. Maroyaka Simple Board contains a persistent cross-site scripting vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securi...

5CVSS6.1AI score0.01148EPSS
Exploits0References5
CNVD
CNVD
added 2015/02/02 12:0 a.m.2 views

Fortinet FortiAuthenticator Appliance Cross-Site Scripting Vulnerability Vulnerability

Fortinet FortiAuthenticator is a family of secure authentication software from Fortinet that can be combined with FortiToken two-factor authentication token to provide secure two-factor authentication to third-party devices authenticated via RADIUS or LDAP. The Fortinet FortiAuthenticator Applian...

6.7AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/01/30 4:52 a.m.4 views

Fumy News Clipper vulnerable to cross-site scripting

Overview Fumy News Clipper provided by Nishishi Factory contains a cross-site scripting vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the...

4.3CVSS6.1AI score0.01161EPSS
Exploits0References5
CNVD
CNVD
added 2015/01/23 12:0 a.m.3 views

Exponent CMS 'index.php' Cross-Site Scripting Vulnerability

Exponent CMS is open source content management system. A cross-site scripting vulnerability exists in Exponent CMS 'index.php' because it fails to properly filter user-supplied input. An attacker may be able to exploit this vulnerability to execute arbitrary script code in an unsuspecting user's...

6.1CVSS6.7AI score0.01475EPSS
Exploits2References1
CNVD
CNVD
added 2015/01/20 12:0 a.m.2 views

Multiple Cross-Site Scripting Vulnerabilities in Drupal Video Module

Drupal is a free and open source content management system developed in PHP. Multiple cross-site scripting vulnerabilities exist in the Drupal Video module because it fails to properly filter user-supplied input. An attacker could potentially exploit these vulnerabilities to execute arbitrary...

3.5CVSS6.9AI score0.00965EPSS
Exploits0References1
CNVD
CNVD
added 2015/01/20 12:0 a.m.2 views

Multiple Cross-Site Scripting Vulnerabilities in Drupal Room Reservations Module

Drupal is a free and open source content management system developed in PHP. Multiple cross-site scripting vulnerabilities exist in the Drupal Room Reservations module because it fails to properly filter user-supplied input. An attacker could use these vulnerabilities to execute arbitrary script...

4.9CVSS6.9AI score0.0158EPSS
Exploits0References1
CNVD
CNVD
added 2015/01/14 12:0 a.m.3 views

Fork CMS 'loadForm()' Function Cross-Site Scripting Vulnerability

Fork CMS is a CMS system developed in PHP. A cross-site scripting vulnerability exists in the Fork CMS 'loadForm' function due to the program failing to properly filter user-supplied input. An attacker could use this vulnerability to execute arbitrary script code or steal cookie-based...

6.1CVSS6.8AI score0.01421EPSS
Exploits2References1
CNVD
CNVD
added 2015/01/12 12:0 a.m.3 views

Drupal Field Display Label Module Cross-Site Scripting Vulnerability

Drupal is a free and open source content management system developed in PHP. A cross-site scripting vulnerability exists in the Drupal Field Display Label module because it fails to properly filter user-supplied input. An attacker may be able to exploit this vulnerability to execute arbitrary...

3.5CVSS6.6AI score0.00965EPSS
Exploits0References1
CNVD
CNVD
added 2015/01/09 12:0 a.m.2 views

Multiple Cross-Site Scripting Vulnerabilities in Zurmo CRM

Zurmo CRM is the United States Zurmo company's set of open source PHP-based customer relationship management system CRM. Multiple cross-site scripting vulnerabilities exist in Zurmo CRM because it fails to properly filter user-supplied input. An attacker could potentially exploit these...

6.7AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/12/18 5:48 a.m.3 views

WBS Gantt-Chart for JIRA vulnerable to cross-site scripting

Overview WBS Gantt-Chart for JIRA provided by Ricksoft Inc. is an add-on for JIRA which provides WBS Work Breakdown Structure and Gantt-Chart features. WBS Gantt-Chart for JIRA contains a flaw in output page generation, which may lead to cross-site scripting CWE-79. Note that this vulnerability i...

4CVSS6AI score0.00936EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/12/09 5:41 a.m.2 views

i-HTTPD vulnerable to cross-site scripting

Overview i-HTTPD is a web server for Windows. i-HTTPD contains a flaw in generating a directory index page, which may lead to a cross-site scripting CWE-79. Note that this vulnerability is different from JVN87910097. Yamagata of webappsec.jp reported this vulnerability to IPA. JPCERT/CC coordinat...

4.3CVSS6.2AI score0.01148EPSS
Exploits0References5
0day.today
0day.today
added 2014/09/23 12:0 a.m.31 views

LittleSite 0.1 Local File Include Vulnerability

Exploit for php platform in category web applications source: http://www.securityfocus.com/bid/43495/info LittleSite is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive...

7.5CVSS6.6AI score0.02386EPSS
Exploits3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/09/12 5:0 a.m.1 views

Help Page in multiple Adobe products vulnerable to cross-site scripting

Overview The Help page provided in multiple Adobe products contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be...

4.3CVSS6.2AI score0.02458EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/08/08 4:52 a.m.3 views

Piwigo vulnerable to cross-site scripting

Overview Piwigo is a software to manage and host image files on the web. Piwigo contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

4.3CVSS7AI score0.01792EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/07/29 12:0 a.m.30 views

JVN#85748534: PerlMailer vulnerable to cross-site scripting

PerlMailer from Homepage Decorator is a mail form CGI which is used to send mail from a form on a web page. PerlMailer CGI scripts contain a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest upda...

4.3CVSS6.1AI score0.01148EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Ashwebstudio Ashnews 0.83 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16426/info Ashnews is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

7.1AI score
Exploits0
Rows per page
Query Builder