70 matches found
Emlog 跨站脚本漏洞
emlog is a PHP and MySQL based CMS builder for emlog personal developers. A cross-site scripting vulnerability exists in Emlog Pro v2.0.3. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary We...
CVE-2023-30338
Multiple stored cross-site scripting XSS vulnerabilities in Emlog Pro v2.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Article Title or Article Summary parameters...
CVE-2023-27090
Cross Site Scripting vulnerability found in TeaCMS storage allows attacker to cause a leak of sensitive information via the article title parameter...
CVE-2023-27090
Cross Site Scripting vulnerability found in TeaCMS storage allows attacker to cause a leak of sensitive information via the article title parameter...
Cross site scripting
Cross Site Scripting vulnerability found in TeaCMS storage allows attacker to cause a leak of sensitive information via the article title parameter...
CVE-2023-27090
Cross Site Scripting vulnerability found in TeaCMS storage allows attacker to cause a leak of sensitive information via the article title parameter...
CVE-2023-1616
A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. It has been classified as problematic. Affected is an unknown function of the component Article Title Handler. The manipulation with the input alertdocument.cookie leads to cross site scripting. It is possible to launch the attack...
CVE-2023-1616
A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. It has been classified as problematic. Affected is an unknown function of the component Article Title Handler. The manipulation with the input alertdocument.cookie leads to cross site scripting. It is possible to launch the attack...
Cross site scripting
A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. It has been classified as problematic. Affected is an unknown function of the component Article Title Handler. The manipulation with the input alertdocument.cookie leads to cross site scripting. It is possible to launch the attack...
CVE-2023-1616 XiaoBingBy TeaCMS Article Title cross site scripting
A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. It has been classified as problematic. Affected is an unknown function of the component Article Title Handler. The manipulation with the input alertdocument.cookie leads to cross site scripting. It is possible to launch the attack...
PT-2023-17121 · Teacms · Teacms
Name of the Vulnerable Software and Affected Versions: TeaCMS versions up to 2.0.2 Description: A problematic issue was found in TeaCMS, affecting an unknown function of the Article Title Handler component. This issue allows for cross site scripting when an attacker manipulates the input with...
Publify 输入验证错误漏洞
Publify is a simple but full-featured web publishing software. versions of Publify prior to 9.2.10 contain an input validation error vulnerability that stems from the fact that it allows the insertion of large characters "title name and post field" into the input field of an article field, allowi...
Pomash 跨站脚本漏洞
Pomash is a lightweight blogging system by the individual developer of JmPotato. Pomash suffers from a cross-site scripting vulnerability that stems from incorrect manipulation of the parameters article.title/content.title/article.tag leading to cross-site scripting...
PT-2022-8061 · Unknown · Jmpotato Pomash
Name of the Vulnerable Software and Affected Versions: JmPotato Pomash affected versions not specified Description: A problematic vulnerability was found in JmPotato Pomash, affecting an unknown part of the file Pomash/theme/clean/templates/editor.html. The manipulation of the article.title,...
GHSA-M2GX-7PVX-3GVG Liferay Portal Vulnerable to Cross-Site Scripting (XSS) via a Journal Article Title
Liferay Portal through 7.2.0 GA1 allows XSS via a journal article title to journalarticle/page.jsp in journal/journal-taglib...
Liferay Portal Vulnerable to Cross-Site Scripting (XSS) via a Journal Article Title
Liferay Portal through 7.2.0 GA1 allows XSS via a journal article title to journalarticle/page.jsp in journal/journal-taglib...
GHSA-75X7-W445-5GWR Liferay Portal Vulnerable to XSS via a Knowledge Base Article Title
XSS exists in Liferay Portal before 7.0 CE GA4 via a Knowledge Base article title...
Liferay Portal Vulnerable to XSS via a Knowledge Base Article Title
XSS exists in Liferay Portal before 7.0 CE GA4 via a Knowledge Base article title...
CVE-2022-22123
In Halo, versions v1.0.0 to v1.4.17 latest are vulnerable to Stored Cross-Site Scripting XSS in the article title. An authenticated attacker can inject arbitrary javascript code that will execute on a victim’s server...
CVE-2022-22123 Halo CMS - Stored Cross-Site Scripting (XSS) in Article's Title
In Halo, versions v1.0.0 to v1.4.17 latest are vulnerable to Stored Cross-Site Scripting XSS in the article title. An authenticated attacker can inject arbitrary javascript code that will execute on a victim’s server...