Lucene search
K

7613 matches found

Cvelist
Cvelist
added 2024/01/23 9:38 a.m.33 views

CVE-2024-23181

Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote unauthenticated...

7.1AI score0.00411EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/23 9:38 a.m.3 views

CVE-2024-23181

Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote unauthenticated...

6.6AI score0.00411EPSS
Exploits0References2
CVE
CVE
added 2024/01/23 9:38 a.m.49 views

CVE-2024-23181

CVE-2024-23181 concerns a-blog cms. The Red Hat, NVD, and JVN-enriched records identify a cross-site scripting vulnerability in a-blog cms versions: 3.1.x before 3.1.7, 3.0.x before 3.0.29, 2.11.x before 2.11.58, 2.10.x before 2.10.50, and 2.9.0 and earlier. The issue allows a remote unauthentica...

6.1CVSS6.8AI score0.00411EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/01/19 4:15 a.m.21 views

CVE-2024-23387

FusionPBX prior to 5.1.0 contains a cross-site scripting vulnerability. If this vulnerability is exploited by a remote authenticated attacker with an administrative privilege, an arbitrary script may be executed on the web browser of the user who is logging in to the product...

4.8CVSS4.8AI score0.00458EPSS
Exploits0References3
Prion
Prion
added 2024/01/19 4:15 a.m.18 views

Cross site scripting

FusionPBX prior to 5.1.0 contains a cross-site scripting vulnerability. If this vulnerability is exploited by a remote authenticated attacker with an administrative privilege, an arbitrary script may be executed on the web browser of the user who is logging in to the product...

4.3CVSS6.2AI score0.00458EPSS
Exploits0References3Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2024/01/19 12:0 a.m.14 views

Trend Micro Mobile Security for Enterprises vpplist_assign_list Cross-Site Scripting Vulnerability

This vulnerability allows remote attackers to execute web requests with the victim's privileges on affected installations of Trend Micro Mobile Security for Enterprises. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious...

6.3CVSS7.2AI score0.01798EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/01/19 12:0 a.m.13 views

Trend Micro Mobile Security for Enterprises ServerUpdate_UpdateSuccessful Cross-Site Scripting Vulnerability

This vulnerability allows remote attackers to execute web requests with the victim's privileges on affected installations of Trend Micro Mobile Security for Enterprises. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious...

6.3CVSS7.2AI score0.00507EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/19 12:0 a.m.5 views

FusionPBX Security Vulnerabilities

FusionPBX is a scalable, multi-threaded communications platform. The platform can be used as a call center server, fax server, VOIP server, voicemail server, conferencing server and voice application server. A security vulnerability exists in FusionPBX versions prior to 5.1.0. An attacker can...

4.8CVSS7.2AI score0.00458EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/01/18 12:0 a.m.6 views

PT-2024-19862 · Fusionpbx · Fusionpbx

Name of the Vulnerable Software and Affected Versions: FusionPBX versions prior to 5.1.0 Description: The issue allows a remote authenticated attacker with administrative privileges to execute an arbitrary script on the web browser of the user logging in to the product. This is achieved through a...

4.8CVSS5AI score0.00458EPSS
Exploits0References10
Zero Day Initiative
Zero Day Initiative
added 2024/01/18 12:0 a.m.13 views

Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.1CVSS7.5AI score0.00936EPSS
Exploits0References1
NVD
NVD
added 2024/01/17 5:15 p.m.12 views

CVE-2024-20270

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This...

5.4CVSS5AI score0.00355EPSS
Exploits0References1
NVD
NVD
added 2024/01/17 5:15 p.m.29 views

CVE-2024-20251

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to perform a stored cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability exists because the web-based...

5.4CVSS5AI score0.00355EPSS
Exploits0References1
Prion
Prion
added 2024/01/17 5:15 p.m.20 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to perform a stored cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability exists because the web-based...

4.9CVSS6AI score0.00355EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/17 5:15 p.m.23 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This...

4.9CVSS6AI score0.00355EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2024/01/17 4:55 p.m.103 views

CVE-2024-20251

Cisco Identity Services Engine (ISE) web-based management interface is affected by a stored XSS due to improper input validation. An authenticated, remote attacker could inject malicious script on interface pages, potentially executing code in the user’s browser or accessing browser-based data. M...

5.4CVSS5AI score0.00355EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/17 4:55 p.m.11 views

CVE-2024-20251

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to perform a stored cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability exists because the web-based...

4.8CVSS6AI score0.00355EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/17 4:55 p.m.34 views

CVE-2024-20251

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to perform a stored cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability exists because the web-based...

4.8CVSS5.4AI score0.00355EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/17 4:53 p.m.21 views

CVE-2024-20270

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This...

4.8CVSS5.4AI score0.00355EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/15 12:0 a.m.4 views

Pleasanter Cross-Site Scripting Vulnerability

Pleasanter is a free OSS no-code/low-code development tool from Pleasanter. A security vulnerability exists in Pleasanter 1.3.49.0 and prior versions, which stems from the presence of a cross-site scripting XSS vulnerability that can be exploited by an attacker to lure a user into visiting the...

6.1CVSS5.8AI score0.00355EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/01/13 12:0 a.m.3 views

Simple Online Hotel Reservation System 跨站脚本漏洞

Simple Online Hotel Reservation System is an online hotel reservation system. A cross-site scripting vulnerability exists in Simple Online Hotel Reservation System version 1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the addreserve.php file, and can ...

6.1CVSS6.1AI score0.00556EPSS
Exploits1References4
Rows per page
Query Builder