Lucene search
K

7613 matches found

CNVD
CNVD
added 2015/03/11 12:0 a.m.2 views

Drupal Trick Question module cross-site scripting vulnerability

Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.Trick Question is one of the CAPTCHA type spam defense modules. A cross-site scripting vulnerability exists in the Drupal Trick Question module. The vulnerability is due to the program...

3.5CVSS6.8AI score0.00965EPSS
Exploits0References1
Prion
Prion
added 2015/03/10 2:59 p.m.10 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Ultimate PHP Board aka myUPB before 2.2.8 allow remote attackers to inject arbitrary web script or HTML via the 1 q parameter to search.php or 2 avatar parameter to profile.php...

4.3CVSS6.1AI score0.01892EPSS
Exploits3References5Affected Software1
CNVD
CNVD
added 2015/03/06 12:0 a.m.4 views

Multiple Cross-Site Scripting Vulnerabilities in PHP Address Book

PHP Address Book is a simple Web-based address book , contact management application developed in PHP . PHP Address Book suffers from multiple cross-site scripting vulnerabilities that could be exploited by an attacker to execute arbitrary web script or HTML in the context of an affected site...

4.3CVSS6.4AI score0.01526EPSS
Exploits1References1
CNVD
CNVD
added 2015/03/05 12:0 a.m.2 views

Loxone Smart Home HTML Injection Vulnerability

Loxone Smart Home is a WEB-based application. Loxone Smart Home suffers from an HTML injection vulnerability that could be exploited by an attacker to execute arbitrary HTML script and code in the context of the affected application...

7.7AI score
Exploits0References1
Patchstack
Patchstack
added 2015/03/05 12:0 a.m.31 views

WordPress Ninja Forms Plugin <= 2.8.8 - Multiple XSS

Because of these vulnerabilities, the attackers can inject arbitrary web script or HTML via the "ninjaformsfield1" parameter in a ninjaformsajaxsubmit action to wp-admin/admin-ajax.php. Also, multiple cross site scripting vulnerabilities allow the administrators to inject arbitrary web script or...

4.3CVSS3.2AI score0.02041EPSS
Exploits1References1Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/03/04 5:49 a.m.1 views

Maroyaka Image Album vulnerable to cross-site scripting

Overview Maroyaka Image Album provided by Maroyaka CGI is a CGI script for placing image files within a website. Maroyaka Image Album contains a cross-site scripting vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/03/04 5:48 a.m.0 views

Maroyaka Simple Board vulnerable to cross-site scripting

Overview Maroyaka Simple Board provided by Maroyaka CGI is a CGI script for posting text into a website. Maroyaka Simple Board contains a persistent cross-site scripting vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securi...

5CVSS6.1AI score0.01148EPSS
Exploits0References5
Cisco
Cisco
added 2015/03/02 9:4 p.m.25 views

Cisco Unified Web Interaction Manager Cross-Site Scripting Vulnerability

A vulnerability in Cisco Unified Web Interaction Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to a lack of input sanitization of the Cisco Unified Web...

4.3CVSS5.9AI score0.01773EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/02/27 12:0 a.m.24 views

Adminsystems CMS Multiple Vulnerabilities

Adminsystems CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.04075EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2015/02/26 12:0 a.m.21 views

InstantASP InstantForum.NET Multiple Cross-Site Scripting Vulnerabilities

InstantASP InstantForum.NET is prone to multiple cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS6.2AI score0.01773EPSS
Exploits2References1
NVD
NVD
added 2015/02/24 5:59 p.m.24 views

CVE-2015-2069

Cross-site scripting XSS vulnerability in the WooCommerce plugin before 2.2.11 for WordPress allows remote attackers to inject arbitrary web script or HTML via the QUERYSTRING in the wc-reports page to wp-admin/admin.php...

4.3CVSS5.8AI score0.02041EPSS
Exploits1References4
CVE
CVE
added 2015/02/19 3:0 p.m.39 views

CVE-2014-9468

InstantASP InstantForum.NET has multiple XSS vulnerabilities (CVE-2014-9468) affecting versions 4.1.3, 4.1.2, 4.1.1, 4.0.0, 4.1.0 and 3.4.0. The issue is a reflected cross-site scripting vulnerability: attacker-supplied input in the SessionID parameter is echoed in Join.aspx or Logon.aspx, enabli...

4.3CVSS5.9AI score0.01773EPSS
Exploits2References3Affected Software1
CNVD
CNVD
added 2015/02/13 12:0 a.m.3 views

u5CMS Cross-Site Scripting Vulnerability

u5CMS is a content management system CMS based on PHP, MySQL and Apache for medium-sized websites, conferences, audit processes, PayPal payments and online surveys. The system supports WYSIWYG editor, creating survey forms and data storage. A cross-site scripting vulnerability exists in u5CMS. Th...

4.3CVSS6.1AI score0.03284EPSS
Exploits2References1
CNVD
CNVD
added 2015/02/12 12:0 a.m.2 views

Drupal Ajax Timeline Module Cross-Site Scripting Vulnerability

Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. A cross-site scripting vulnerability exists in the Drupal Ajax Timeline module due to the program failing to properly filter user-supplied input. An attacker could use thi...

6.9AI score
Exploits0References1
OpenVAS
OpenVAS
added 2015/02/11 12:0 a.m.23 views

Fortinet FortiGate XSS Vulnerability (FG-IR-14-003)

FortiOS as used in FortiGate is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS5.1AI score0.02413EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/02/11 12:0 a.m.19 views

Fortinet FortiWeb Multiple XSS Vulnerabilities (FG-IR-14-012)

Fortinet FortiWeb is prone to multiple reflective cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

4.3CVSS5AI score0.01161EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/02/11 12:0 a.m.14 views

Fortinet FortiAnalyzer Multiple XSS Vulnerabilities (FG-IR-14-033)

Fortinet FortiAnalyzer is prone to multiple cross-site- scripting XSS vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective rig...

4.3CVSS5AI score0.01792EPSS
Exploits0References3
CNVD
CNVD
added 2015/02/10 12:0 a.m.3 views

DotNetNuke Cross-Site Scripting Vulnerability (CNVD-2015-01010)

DotNetNuke DNN is a set of U.S. DNN company supported by Microsoft , based on the ASP.NET platform for open source content management system CMS. The system is easy to install , scalable , feature-rich and so on. DotNetNuke DNN suffers from a cross-site scripting vulnerability. A remote attacker...

4.3CVSS6.2AI score0.01754EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/02/06 12:0 a.m.21 views

Novell eDirectory iMonitor Multiple Vulnerabilities (Feb 2015)

Novell eDirectory is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:netiq:edirectory";...

4.3CVSS6.5AI score0.02EPSS
Exploits2References5
CNVD
CNVD
added 2015/02/02 12:0 a.m.2 views

Fortinet FortiAuthenticator Appliance Cross-Site Scripting Vulnerability Vulnerability

Fortinet FortiAuthenticator is a family of secure authentication software from Fortinet that can be combined with FortiToken two-factor authentication token to provide secure two-factor authentication to third-party devices authenticated via RADIUS or LDAP. The Fortinet FortiAuthenticator Applian...

6.7AI score
Exploits0References1
Rows per page
Query Builder