16 matches found
EUVD-2024-47487
Malicious code in bioql PyPI...
CVE-2024-20525
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An...
CVE-2021-43841
XWiki is a generic wiki platform offering runtime services for applications built on top of it. When using default XWiki configuration, it's possible for an attacker to upload an SVG containing a script executed when executing the download action on the file. This problem has been patched so that...
Cross-site Scripting (XSS)
Overview: magento/project-community-edition is an eCommerce Platform for Growth Community Edition. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the manipulation of vulnerable form fields. An attacker can execute arbitrary scripts in the context of the user's...
CVE-2023-27499 Cross-Site Scripting (XSS) vulnerability in SAP GUI for HTML
SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting XSS vulnerability. An attacker could craft a malicious URL and lure...
Librenms Cross-Site Scripting Vulnerability
Librenms is a PHP and MySQL based open source network monitoring system from the Librenms community. The system features custom alerts, auto-discovery of network environments and automatic updates. Librenms suffers from a cross-site scripting vulnerability that stems from the lack of proper...
cPanel Cross-Site Scripting Vulnerability (CNVD-2019-26358)
cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in the WHM listips interface in versions prior to cPanel 68.0.27. The...
MiniCMS Cross-Site Scripting Vulnerability (CNVD-2019-23979)
MiniCMS is a content management system (CMS) designed for personal websites. A cross-site scripting vulnerability exists in the mc-admin/post-edit.php file in MiniCMS version 1.10. The vulnerability stems from the lack of proper validation of client-side data by the web application. An attacker can...
Chamilo LMS Cross-Site Request Forgery Vulnerability
Chamilo LMS is an open source online learning and collaboration system developed by the Chamilo Association. The system supports the creation of instructional content, distance training and online question and answer sessions. Chamilo LMS suffers from cross-site request forgery vulnerabilities th...
TinyWebGallery Cross-Site Scripting Vulnerability
TinyWebGallery (TWG) is an open source photo album developed by software developer Michael Dempfle, based on Ajax, PHP and XML. It provides text and image watermarking, slide shows, image uploading and management, and other functions. A cross-site scripting vulnerability exists in TWG that stems fr...
Barracuda Networks IM Firewall Cross-Site Scripting Vulnerability
Barracuda Networks IM Firewall is an instant messaging solution from Barracuda Networks that integrates an IM server, client management and security measures. The solution provides keyword identification and reporting, file transfer, IM traffic identification and logging. A cross-site scripting...
CVE-2003-0447
The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated...
PostNuke 0.72 - modules.php Cross-Site Scripting
Source: https://www.securityfocus.com/bid/5809/info A cross-site scripting vulnerability has been reported for PostNuke. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link. Attacker-supplied HTML and...
GNU Mailman 2.0.x - Admin Login Variant Cross-Site Scripting
Source: https://www.securityfocus.com/bid/5299/info GNU Mailman is prone to a cross-site scripting vulnerability. An attacker may construct a malicious link to the administrative login page, which contains arbitrary HTML and script code...
CVE-2002-0026
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass restrictions for executing scripts via an object that processes asynchronous events after the initial security checks have been made...
Microsoft SQLXML HTTP components vulnerable to cross-site scripting via root parameter
Overview: A cross-site scripting vulnerability exists in the Microsoft SQLXML HTTP components. This vulnerability could allow an attacker to execute script on a victim's system with the victim's privileges. Description: Microsoft SQL Server 2000 includes a feature called SQLXML that allows the serv...