2465 matches found
CVE-2020-26641
A Cross Site Request Forgery CSRF vulnerability was discovered in iCMS 7.0.16 which can allow an attacker to execute arbitrary web scripts...
WordPress Larsens Calender plugin cross-site scripting vulnerability
WordPress Larsens Calender is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in WordPress Larsens Calender plugin version 1.2 and earlier versions, which can be exploited by remote attackers to execute arbitrary web scripts via the "Eintrage hinzufuge...
Cross-site Scripting (XSS)
markdown-it-katex is vulnerable to cross-site scripting. The vulnerability exists in index.js once the parser return an error it returns katex without sanitizing as HTML tags, allowing a malicious user to inject and execute arbitrary web scripts...
Cross-site Scripting (XSS)
paypal/merchant-sdk-php is vulnerable to cross-site scriptingXSS attacks. The vulnerability exists due to insufficient filtration of user-supplied data in token HTTP GET parameter in samples/AccountAuthentication/GetAuthDetails.html.php, allowing a malicious user to inject and execute arbitrary w...
NewStart CGSL MAIN 5.04 : mailman Vulnerability (NS-SA-2019-0008)
The remote NewStart CGSL host, running version MAIN 5.04, has mailman packages installed that are affected by a vulnerability: - A cross-site scripting XSS flaw was found in mailman. An attacker, able to trick the user into visiting a specific URL, can execute arbitrary web scripts on the user's...
CVE-2018-16248
b3log Solo 2.9.3 has XSS in the Input page under the "Publish Articles" menu with an ID of "articleTags" stored in the "tag" JSON field, which allows remote attackers to inject arbitrary Web scripts or HTML via a carefully crafted site name in an admin-authenticated HTTP request...
Cross site scripting
A reflected Cross-Site scripting XSS vulnerability in SEMCO Semcosoft 5.3 allows remote attackers to inject arbitrary web scripts or HTML via the username parameter to the Login Form...
Joomla! Component jDownloads Cross-Site Scripting Vulnerability
Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds, site search and other functions . jDownloads is Joomla! A cross-site scripting vulnerability exists in Joomla! Component jDownloads. Allows remote attackers to...
CVE-2017-12072
Cross-site scripting XSS vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.8.0-3456 allows remote authenticated users to inject arbitrary web scripts or HTML via the id parameter...
CVE-2017-12072
Cross-site scripting XSS vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.8.0-3456 allows remote authenticated users to inject arbitrary web scripts or HTML via the id parameter...
CVE-2017-2171
Cross-site scripting vulnerability in Captcha prior to version 4.3.0, Car Rental prior to version 1.0.5, Contact Form Multi prior to version 1.2.1, Contact Form prior to version 4.0.6, Contact Form to DB prior to version 1.5.7, Custom Admin Page prior to version 0.1.2, Custom Fields Search prior ...
Nagios Cross-Site Scripting Vulnerability
Nagios is a free and open source computer software application for monitoring systems, networks and infrastructure. Nagios suffers from a cross-site scripting vulnerability. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
Tenable Log Correlation Engine Cross-Site Scripting Vulnerability
Tenable Log Correlation Engine a.k.a. LCE is a log correlation engine that provides log analysis and event monitoring from Tenable Network Security. A cross-site scripting vulnerability exists in versions of Tenable LCE prior to 4.8.1. A remote attacker can exploit this vulnerability to execute...
Multiple Buffalo Products Cross-Site Scripting Vulnerabilities
Buffalo is the wireless router product of the Buffalo Group. A cross-site scripting vulnerability exists in multiple Buffalo products. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
Google Chrome Multiple Vulnerabilities - 01 (Jun 2014) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Cross site scripting
Cross-site scripting XSS vulnerability in Coursemill Learning Management System LMS 6.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to 1 libraries/tbllinks.inc.php and...
SimpNews Multiple Vulnerabilities
This host is running SimpNews and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbsimpnewsmultvuln.nasl 7573 2017-10-26 09:18:50Z cfischer $ SimpNews Multiple Vulnerabilities Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the WEC Discussion Forum wecdiscussion extension 1.7.0 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-3029...