493 matches found
ABB SREA-01 Communications Adapter Detection
Binary data 761513.prm...
Cisco Application Policy Infrastructure Controller Web-Based Management Interface Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability...
CVE-2019-1702 Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Enterprise Chat and Email could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected software. The vulnerabilities are due...
Cross site scripting
A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of...
Cisco DNA Center Access Contract Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of...
Unauthorized Access Vulnerability in Ewebeditor Editor of Fuzhou Extreme Software Development Co.
Fuzhou Extreme Software Development Co. eWebEditor editor is a browser-based online HTML editor. Fuzhou Extreme Software Development Co. eWebEditor editor has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information...
CVE-2019-1685 Cisco Unity Connection Reflected Cross-Site Scripting Vulnerability
A vulnerability in the Security Assertion Markup Language SAML single sign-on SSO interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. The vulnerability is due to...
Cross site scripting
A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...
CVE-2019-1665 Cisco Hyperflex Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco HyperFlex software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient...
CVE-2019-1671 Cisco Firepower Management Center Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Firepower Management Center FMC could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected system. The vulnerability is due to...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface of the affected software. The vulnerability is due to insufficient validation...
CVE-2019-1668 Cisco SocialMiner Chat Feed Cross-Site Scripting Vulnerability
A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting XSS attacks against a user of the web-based user interface of an affected system. This vulnerability is due to insufficient sanitization of user-supplied...
CVE-2018-0482 Cisco Prime Network Control System Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Network Control System could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient...
Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite TMS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...
Shopify: Reflected XSS in *.myshopify.com/account/register
Shopify allows shop admin to enable customer registration. When a customer registers with a short password and HTML content as the first name and last name then customer redirects to .myshopify.com/account/register with error messages and the provided data. As there is no Cross-site Scripting...
Adobe Flash Player Insecure Library Loading (DLL Hijacking) Vulnerability
Adobe Flash Player is a cross-platform, browser-based multimedia player product from Adobe. The product supports cross-screen and browser viewing of applications, content and videos. A security vulnerability exists in Adobe Flash Player. An attacker could exploit this vulnerability to elevate...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplie...
Cisco Prime Service Catalog Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplie...
[SECURITY] Fedora 28 Update: roundcubemail-1.3.8-1.fc28
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 27 Update: roundcubemail-1.3.8-1.fc27
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...