PT-2025-53346

Name of the Vulnerable Software and Affected Versions Riello UPS NetMan 208 Application versions prior to 1.12 Description The Riello UPS NetMan 208 Application, before version 1.12, contains a cross-site scripting XSS issue in the cgi-bin/loginbanner w.cgi component. This allows for the injectio...

EUVD-2006-1700

Malware in sbrugna...

CVE-2024-52701

A stored cross-site scripting XSS vulnerability in the Configuration page of Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page banner parameter...

CVE-2024-52701

CVE-2024-52701 is a stored XSS in Piwigo v14.5.0 (Configuration page) where a crafted payload inserted into the Page banner parameter can execute arbitrary scripts/HTML in a victim’s browser. Affected software: Piwigo 14.5.0; impact is browser-based script execution with low integrity/confidentia...

PT-2024-35414 · Piwigo · Piwigo

Name of the Vulnerable Software and Affected Versions: Piwigo version 14.5.0 Description: A stored cross-site scripting XSS issue in the Configuration page allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Page banner parameter. This could potential...

Cross site scripting

ilchCMS 2.1.23 allows XSS via the index.php/partner/index Banner parameter...

CVE-2019-20524

ilchCMS 2.1.23 allows XSS via the index.php/partner/index Banner parameter...

Cisco IOS XE Software Stored Banner XSS (cisco-sa-20190925-sbxss)

According to its self-reported version, Cisco IOS XE Software is affected by a cross-site scripting vulnerability which allows an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected software using the banner...

The vulnerability of Cisco IOS and Cisco IOS XE operating systems, related to the lack of measures for cleaning input data, allows attackers to execute cross-site scripting attacks.

The vulnerability of Cisco IOS and Cisco IOS XE systems is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to perform domain-to-domain scenario attacks using the HTTP banner parameter...

CVE-2019-12668

A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to...

CVE-2019-12668

Cisco IOS and IOS XE Software contain a stored cross-site scripting (XSS) vulnerability in the web framework banner handling. An authenticated, remote attacker can craft and save a banner parameter to trigger XSS in the web interface, potentially executing script code or exposing browser-based in...

Cisco IOS and IOS XE Software Stored Banner Cross-Site Scripting Vulnerability

A vulnerability in the web framework code of Cisco IOS and Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected software using the banner parameter. The vulnerability is due to...

MaxWebPortal <= 1.33 Multiple Vulnerabilities

The remote host is running a version of MaxWebPortal that is prone to multiple input validation vulnerabilities: - Multiple SQL Injection Vulnerabilities An attacker can inject SQL statements via various scripts to manipulate database queries. - A Cross-Site Scripting Vulnerability An attacker ca...