94 matches found
EUVD-2013-0816
Malware in sbrugna...
EUVD-2012-1286
Malware in sbrugna...
EUVD-2009-4831
Malware in sbrugna...
EUVD-2007-3194
Malware in sbrugna...
EUVD-2009-3467
Malware in sbrugna...
EUVD-2015-5026
Malware in sbrugna...
CVE-2009-1942
Cross-site scripting XSS vulnerability in the Quiz module 5.x, 6.x-2.x before 6.x-2.2, and 6.x-3.x before 6.x-3.0, a module for Drupal, allows remote authenticated users, with create quizzes or quiz questions access, to inject arbitrary web script or HTML via unspecified vectors...
CVE-2024-3729
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'feaencrypt' function in all versions up to, and including, 3.19.4. This makes it possible for unauthenticated attackers to manipulate the user processing forms, which can ...
CVE-2024-25603
Stored cross-site scripting XSS vulnerability in the Dynamic Data Mapping module's DDMForm in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users...
Cross site scripting
Reflected cross-site scripting XSS vulnerability on the add assignees to a role page in Liferay Portal 7.3.3 through 7.4.3.97, and Liferay DXP 2023.Q3 before patch 6, 7.4 GA through update 92, and 7.3 before update 34 allows remote attackers to inject arbitrary web script or HTML via the...
GHSA-9VGQ-W5PV-V77Q Liferay Portal stored cross-site scripting (XSS) vulnerability
Stored cross-site scripting XSS vulnerability in the Portal Search module's Search Result app in Liferay Portal 7.2.0 through 7.4.3.11, and older unsupported versions, and Liferay DXP 7.4 before update 8, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote...
CVE-2024-25145
Stored cross-site scripting XSS vulnerability in the Portal Search module's Search Result app in Liferay Portal 7.2.0 through 7.4.3.11, and older unsupported versions, and Liferay DXP 7.4 before update 8, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote...
Cross site scripting
A Stored Cross-Site Scripting XSS vulnerability in the filter and forward mail tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the save to new folder named field while creating a new filter...
CVE-2022-48547
A reflected cross-site scripting XSS vulnerability in Cacti 0.8.7g and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML in the "ref" parameter at authchangepassword.php...
Cross site scripting
Cross-site scripting XSS vulnerability in application/modules/admin/views/ecommerce/products.php in Ecommerce-CodeIgniter-Bootstrap Codeigniter 3.1.11, Bootstrap 3.3.7 allows remote attackers to inject arbitrary web script or HTML via the searchtitle parameter...
Monicahq Monica Stored Cross-Site Scripting (CVE-2021-27370)
A cross-site scripting vulnerability exists in Monicahq Monica. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Cross site scripting
A cross-site scripting XSS vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to inject arbitrary web script or HTML via JSON properties available from the REST API...
CVE-2018-18678
GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board group extra contents" parameter, aka the adm/boardgroupformupdate.php gr110 parameter...
CVE-2017-15941
Cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.7, when the GlobalProtect gateway or portal is configured, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2017-11198
Cross-site scripting XSS vulnerability in /application/lib/ajax/getimage.php in FineCMS through 2017-07-12 allows remote attackers to inject arbitrary web script or HTML via the folder, id, or name parameter...