1057 matches found
CVE-2020-21362
A cross site scripting XSS vulnerability in the background search function of Maccms10 allows attackers to execute arbitrary web scripts or HTML via the 'wd' parameter...
Cybozu Garoon Cross-Site Scripting Vulnerability (CNVD-2021-59740)
A cross-site scripting vulnerability exists in Scheduler in Cybozu Garoon, a portal-based OA office system from Cybozu Japan. An attacker can use this vulnerability to execute arbitrary scripts on a logged-in user's Web browser...
Cybozu Garoon Bulletin Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in Bulletin in Cybozu Garoon, a portal-based OA office system from Cybozu Japan. An attacker can use this vulnerability to execute arbitrary scripts on a logged-in user's Web browser...
Cybozu Garoon Message Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in Message in Cybozu Garoon, a portal-based OA office system from Cybozu Japan. An attacker can use this vulnerability to execute arbitrary scripts on a logged-in user's Web browser...
Cybozu Garoon Full Text Search Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in Full Text Search in Cybozu Garoon, a portal-based OA system from Cybozu Japan. An attacker can use this vulnerability to execute arbitrary scripts on a logged-in user's Web browser...
Cybozu Garoon Cross-Site Scripting Vulnerability (CNVD-2021-59722)
A cross-site scripting vulnerability exists in some functions of Cybozu Garoon's group email. An attacker can exploit this vulnerability to execute arbitrary scripts on the logged-in user's Web browser...
Cybozu Garoon Cross-Site Scripting Vulnerability (CNVD-2021-59719)
Cybozu Garoon is a portal-based OA office system from Cybozu Japan. A cross-site scripting vulnerability exists in some of the email functions in Cybozu Garoon. An attacker can use this vulnerability to execute arbitrary scripts on a logged-in user's Web browser...
Liferay Portal 和 Liferay DXP 跨站脚本漏洞
Liferay Portal and Liferay DXP are both products of Liferay, a J2EE-based portal solution that uses EJB and JMS technologies and serves as a web publishing and shared workspace, enterprise collaboration platform, social network, etc. Liferay DXP is a digital experience collaboration platform...
S-CMS 跨站脚本漏洞
S-CMS is a product developed by Zibo Shining Network Technology Co., Ltd. that provides solutions for building enterprise websites. /app/formadd/ in S-CMS 3.0 has a stored cross-site scripting vulnerability that can be exploited to execute arbitrary Web scripts or HTML via the title entry text bo...
CVE-2020-35985
A stored cross site scripting XSS vulnerability in the 'Global Lists" feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Name' parameter...
Cross site scripting
A stored cross site scripting XSS vulnerability in the 'Admin-Tools' feature of BlackCat CMS 1.3.6 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads entered into the 'Output Filters' and 'Droplets' modules...
moziloCMS 跨站脚本漏洞
moziloCMS is open source a content management system CMS. A security vulnerability exists in moziloCMS, which can be exploited by an attacker to execute arbitrary web script or HTML through a specially crafted load by entering the "Content" parameter...
PHP-Fusion cross-site scripting vulnerability (CNVD-2021-48512)
PHP-Fusion is a lightweight open source content management system. A stored cross-site scripting vulnerability exists in /administration/settingsregistration.php in PHP-Fusion version 9.03.60, which can be exploited to execute arbitrary web script or HTML via the "registration" field...
CVE-2020-23192
A stored cross site scripting XSS vulnerability in phplist 3.5.4 and below allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload in the "admin" parameter under the "Manage administrators" module...
Cross site scripting
A stored cross scripting XSS vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Design" parameter under the "Designs" module...
Cross site scripting
A stored cross scripting XSS vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter under the "Maintenance Mode" module...
Ec-cube 跨站脚本漏洞
Ec-Cube is an open source system for creating shopping websites. A cross-site scripting vulnerability exists in Ec-Cube. An attacker can exploit this vulnerability by tricking an administrator or user into visiting a specially crafted page and performing certain actions to execute arbitrary scrip...
Ice Hrm 跨站脚本漏洞
Ice Hrm is a human resource management system. A cross-site scripting vulnerability exists in Ice Hrm 29.0.0 OS. An attacker can exploit the vulnerability by uploading a crafted file that will result in the execution of arbitrary web script or HTML...
iCMS 跨站请求伪造漏洞
iCMS is an efficient and simple content management system built with PHP and MySQL. A cross-site request forgery vulnerability exists in iCMS version 7.0.16. An attacker can exploit this vulnerability to execute arbitrary web scripts...
WonderLink Yomi-Search 跨站脚本漏洞
WonderLink Yomi-Search is a WonderLink application. A multi-purpose search engine. A security vulnerability exists in Yomi-Search Ver4.22, which can be exploited to execute arbitrary script on the web browser of a user accessing a website that uses Yomi-Search...