1057 matches found
CVE-2017-5124
Removed by vendor...
Trend Micro Smart Protection Server Cross-Site Scripting Vulnerability
Trend Micro Smart Protection Server is the next generation of cloud-based advanced protection solutions. Trend Micro Smart Protection Server suffers from a cross-site scripting vulnerability that could allow an attacker to steal cookie authentication credentials, execute arbitrary scripts, and mo...
CVE-2017-15429
Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page...
Logitech Media Server Cross-Site Scripting Vulnerability (CNVD-2017-36360)
Logitech Media Server is an audio playback software from Logitech USA. A cross-site scripting vulnerability exists in Logitech Media Server version 7.9.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
WordPress WP Jobs Plugin Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.WP Jobs plugin is one of the post management plugin. A cross-site scripting vulnerability exists in version 1.5 of...
Cross-Site Scripting (XSS)
drupal is vulnerable to cross-site scripting XSS attacks. A malicious user can inject arbitrary scripts through the markup element as it is not sanitized before rendering...
Ellucian Banner Student Cross-Site Scripting Vulnerability
Ellucian formerly known as SunGard Banner Student is a set of student information management system of the American Ellucian Company. The system has functions such as grade release, student attendance and student information statistics. A cross-site scripting vulnerability exists in Ellucian Bann...
Centreon 'Comments' POST Parameter Cross Site Scripting Vulnerability
Centreon is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:centreon:centreon";...
anchor-cms cross-site scripting vulnerability
anchor-cms is an open source light blogging system. The system supports Markdown editor , custom fields and multiple languages and so on. A cross-site scripting vulnerability exists in versions prior to anchor-cms 0.9-dev. A remote attacker can exploit this vulnerability to inject arbitrary web...
doczz.fr XSS vulnerability
Vulnerable URL: http://doczz.fr/search/?q=%22%3E%3Cscript%3Ealert%27OPENBUGBOUNTY%27%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 17.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 312106 VIP website status:| No...
Stored Cross-Site Scripting Vulnerability in DocCMS
Rice husk enterprise building system, also known as rice husk cms, doccms, formerly known as deep throat enterprise building system ShlCms, is the industry's leading free open source enterprise website building system, enterprise website generation system. DocCMS 2016 version of a stored cross-si...
Fortinet FortiOS Cross-Site Scripting Vulnerability (CNVD-2017-26263)
Fortinet FortiOS is the United States Fita Fortinet company developed a set of dedicated to FortiGate network security platform on the security operating system. A cross-site scripting vulnerability exists in Fortinet FortiOS. A remote attacker could exploit this vulnerability to execute arbitrar...
atmail Cross-Site Scripting Vulnerability
atmail is an open source WebMail client from Australia's atmail company , which provides a Webmail interface , address book management , calendars and other features , and supports IMAP, video mail and so on. A cross-site scripting vulnerability exists in versions of atmail prior to 7.8.0.2. A...
WordPress Download Manager plugin cross-site scripting vulnerability
WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Download Manager plugin. A remote attacker can...
Sophos Cyberoam - Cross-site scripting
Sophos Cyberoam - Cross-site scripting Exploit Title: Sophos Cyberoam – Cross-site scripting XSS vulnerability Date: 25/05/2017 Exploit Author: Bhadresh Patel Version: = Firmware Version 10.6.4 CVE : CVE-2016-9834 This is an article with video tutorial for Sophos Cyberoam – Cross-site scripting X...
WordPress Cross-Site Scripting Vulnerability (CNVD-2017-07304)
WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress versions prior to 4.7.5. A remote attacker can explo...
Empirical Project Monitor - eXtended vulnerable to cross-site scripting
Overview Empirical Project Monitor - eXtended provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA contains a stored cross-site scripting vulnerability CWE-79. Note that this vulnerability is different from JVN11326581. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. report...
The installer of SOY CMS vulnerable to cross-site scripting
Overview SOY CMS provided by Nippon Institute of Agroinformatics Ltd. is a Contents Management System CMS. The installer of SOY CMS contains a cross-site scripting vulnerability CWE-79 due to a flaw in processing parameter. Satoshi Ogawa of Mitsui Bussan Secure Directions,Inc. reported this...
indiacom.com XSS vulnerability
Vulnerable URL: http://www.indiacom.com/yellow-pages/hospitals-eye-care/rourkela/?pincode=1%22/%3E%3CsvG%20onLoad=alert%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
CVE-2017-2140
Tablacus Explorer 17.3.30 and earlier allows arbitrary scripts to be executed in the context of the application due to specially crafted directory...