Lucene search
+L

70 matches found

CNNVD
CNNVD
added 2023/04/27 12:0 a.m.6 views

Emlog 跨站脚本漏洞

emlog is a PHP and MySQL based CMS builder for emlog personal developers. A cross-site scripting vulnerability exists in Emlog Pro v2.0.3. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary We...

5.4CVSS6.2AI score0.00419EPSS
Exploits1References2
OSV
OSV
added 2023/04/27 12:0 a.m.20 views

CVE-2023-30338

Multiple stored cross-site scripting XSS vulnerabilities in Emlog Pro v2.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Article Title or Article Summary parameters...

5.4CVSS5.9AI score0.00419EPSS
Exploits1References3
OSV
OSV
added 2023/04/20 8:15 p.m.4 views

CVE-2023-27090

Cross Site Scripting vulnerability found in TeaCMS storage allows attacker to cause a leak of sensitive information via the article title parameter...

5.4CVSS6AI score0.00427EPSS
Exploits1References2
NVD
NVD
added 2023/04/20 8:15 p.m.26 views

CVE-2023-27090

Cross Site Scripting vulnerability found in TeaCMS storage allows attacker to cause a leak of sensitive information via the article title parameter...

5.4CVSS5.2AI score0.00427EPSS
Exploits1References2
Prion
Prion
added 2023/04/20 8:15 p.m.15 views

Cross site scripting

Cross Site Scripting vulnerability found in TeaCMS storage allows attacker to cause a leak of sensitive information via the article title parameter...

4.9CVSS5.3AI score0.00427EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/20 12:0 a.m.3 views

CVE-2023-27090

Cross Site Scripting vulnerability found in TeaCMS storage allows attacker to cause a leak of sensitive information via the article title parameter...

5.3AI score0.00427EPSS
Exploits1References2
OSV
OSV
added 2023/03/24 8:15 a.m.5 views

CVE-2023-1616

A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. It has been classified as problematic. Affected is an unknown function of the component Article Title Handler. The manipulation with the input alertdocument.cookie leads to cross site scripting. It is possible to launch the attack...

5.4CVSS3.7AI score0.00475EPSS
Exploits1References3
NVD
NVD
added 2023/03/24 8:15 a.m.24 views

CVE-2023-1616

A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. It has been classified as problematic. Affected is an unknown function of the component Article Title Handler. The manipulation with the input alertdocument.cookie leads to cross site scripting. It is possible to launch the attack...

5.4CVSS4.3AI score0.00475EPSS
Exploits1References3
Prion
Prion
added 2023/03/24 8:15 a.m.19 views

Cross site scripting

A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. It has been classified as problematic. Affected is an unknown function of the component Article Title Handler. The manipulation with the input alertdocument.cookie leads to cross site scripting. It is possible to launch the attack...

4CVSS5.3AI score0.00475EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/03/24 7:31 a.m.25 views

CVE-2023-1616 XiaoBingBy TeaCMS Article Title cross site scripting

A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. It has been classified as problematic. Affected is an unknown function of the component Article Title Handler. The manipulation with the input alertdocument.cookie leads to cross site scripting. It is possible to launch the attack...

4CVSS5.5AI score0.00475EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/03/24 12:0 a.m.6 views

PT-2023-17121 · Teacms · Teacms

Name of the Vulnerable Software and Affected Versions: TeaCMS versions up to 2.0.2 Description: A problematic issue was found in TeaCMS, affecting an unknown function of the Article Title Handler component. This issue allows for cross site scripting when an attacker manipulates the input with...

5.4CVSS6.5AI score0.00475EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/01/14 12:0 a.m.6 views

Publify 输入验证错误漏洞

Publify is a simple but full-featured web publishing software. versions of Publify prior to 9.2.10 contain an input validation error vulnerability that stems from the fact that it allows the insertion of large characters "title name and post field" into the input field of an article field, allowi...

9.8CVSS8AI score0.00909EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/12/28 12:0 a.m.5 views

Pomash 跨站脚本漏洞

Pomash is a lightweight blogging system by the individual developer of JmPotato. Pomash suffers from a cross-site scripting vulnerability that stems from incorrect manipulation of the parameters article.title/content.title/article.tag leading to cross-site scripting...

6.1CVSS4.2AI score0.00466EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/12/28 12:0 a.m.7 views

PT-2022-8061 · Unknown · Jmpotato Pomash

Name of the Vulnerable Software and Affected Versions: JmPotato Pomash affected versions not specified Description: A problematic vulnerability was found in JmPotato Pomash, affecting an unknown part of the file Pomash/theme/clean/templates/editor.html. The manipulation of the article.title,...

6.1CVSS4.1AI score0.00466EPSS
Exploits0References7
OSV
OSV
added 2022/05/24 4:55 p.m.8 views

GHSA-M2GX-7PVX-3GVG Liferay Portal Vulnerable to Cross-Site Scripting (XSS) via a Journal Article Title

Liferay Portal through 7.2.0 GA1 allows XSS via a journal article title to journalarticle/page.jsp in journal/journal-taglib...

6.1CVSS5.6AI score0.00785EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/24 4:55 p.m.10 views

Liferay Portal Vulnerable to Cross-Site Scripting (XSS) via a Journal Article Title

Liferay Portal through 7.2.0 GA1 allows XSS via a journal article title to journalarticle/page.jsp in journal/journal-taglib...

6.1CVSS5.9AI score0.00785EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/05/17 2:15 a.m.4 views

GHSA-75X7-W445-5GWR Liferay Portal Vulnerable to XSS via a Knowledge Base Article Title

XSS exists in Liferay Portal before 7.0 CE GA4 via a Knowledge Base article title...

6.1CVSS6AI score0.00748EPSS
Exploits3References8
Github Security Blog
Github Security Blog
added 2022/05/17 2:15 a.m.5 views

Liferay Portal Vulnerable to XSS via a Knowledge Base Article Title

XSS exists in Liferay Portal before 7.0 CE GA4 via a Knowledge Base article title...

6.1CVSS5.8AI score0.00748EPSS
Exploits3References8Affected Software1
NVD
NVD
added 2022/01/13 5:15 p.m.26 views

CVE-2022-22123

In Halo, versions v1.0.0 to v1.4.17 latest are vulnerable to Stored Cross-Site Scripting XSS in the article title. An authenticated attacker can inject arbitrary javascript code that will execute on a victim’s server...

5.4CVSS0.00708EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/01/13 4:45 p.m.38 views

CVE-2022-22123 Halo CMS - Stored Cross-Site Scripting (XSS) in Article's Title

In Halo, versions v1.0.0 to v1.4.17 latest are vulnerable to Stored Cross-Site Scripting XSS in the article title. An authenticated attacker can inject arbitrary javascript code that will execute on a victim’s server...

5.4CVSS5.4AI score0.00708EPSS
Exploits1References3
Rows per page
Query Builder