PT-2025-53346

Name of the Vulnerable Software and Affected Versions Riello UPS NetMan 208 Application versions prior to 1.12 Description The Riello UPS NetMan 208 Application, before version 1.12, contains a cross-site scripting XSS issue in the cgi-bin/loginbanner w.cgi component. This allows for the injectio...

EUVD-2006-1700

Malware in sbrugna...

PT-2024-35414 · Piwigo · Piwigo

Name of the Vulnerable Software and Affected Versions: Piwigo version 14.5.0 Description: A stored cross-site scripting XSS issue in the Configuration page allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page banner parameter. This could potential...

CVE-2024-52701

A stored cross-site scripting XSS vulnerability in the Configuration page of Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page banner parameter...

CVE-2024-52701

CVE-2024-52701 is a stored XSS in Piwigo v14.5.0 (Configuration page) where a crafted payload inserted into the Page banner parameter can execute arbitrary scripts/HTML in a victim’s browser. Affected software: Piwigo 14.5.0; impact is browser-based script execution with low integrity/confidentia...

Cross site scripting

ilchCMS 2.1.23 allows XSS via the index.php/partner/index Banner parameter...

CVE-2019-20524

ilchCMS 2.1.23 allows XSS via the index.php/partner/index Banner parameter...

Cisco IOS XE Software Stored Banner XSS (cisco-sa-20190925-sbxss)

According to its self-reported version, Cisco IOS XE Software is affected by a cross-site scripting vulnerability which allows an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected software using the banner...

CVE-2019-12668

A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to...

CVE-2019-12668

Cisco IOS and IOS XE Software contain a stored cross-site scripting (XSS) vulnerability in the web framework banner handling. An authenticated, remote attacker can craft and save a banner parameter to trigger XSS in the web interface, potentially executing script code or exposing browser-based in...

Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability

A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to...

MaxWebPortal <= 1.33 Multiple Vulnerabilities

The remote host is running a version of MaxWebPortal that is prone to multiple input validation vulnerabilities: - Multiple SQL Injection Vulnerabilities An attacker can inject SQL statements via various scripts to manipulate database queries. - A Cross-Site Scripting Vulnerability An attacker ca...