Lucene search
K

235 matches found

CNVD
CNVD
added 2020/06/03 12:0 a.m.2 views

Codeorigin Sysax Multi Server Cross-Site Scripting Vulnerability

Codeorigin Sysax Multi Server is an FTP File Transfer Protocol server and Shell server for Windows from Codeorigin USA. A cross-site scripting vulnerability exists in Codeorigin Sysax Multi Server version 6.90. The vulnerability stems from a lack of proper validation of client data by the WEB...

6.1CVSS6.4AI score0.03075EPSS
Exploits4References1
CNVD
CNVD
added 2020/05/25 12:0 a.m.4 views

Grafana piechart-panel cross-site scripting vulnerability

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus etc. piechart-panel is one of the pie chart plugin. A cross-site scripting vulnerability exists in Grafan...

5.4CVSS6.4AI score0.0068EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/22 12:0 a.m.2 views

Gila CMS Cross-Site Scripting Vulnerability (CNVD-2020-34658)

Gila CMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in Gila CMS versions prior to 1.11.6. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...

6.1CVSS6.4AI score0.01814EPSS
Exploits3References1
CNVD
CNVD
added 2020/05/20 12:0 a.m.1 views

phpIPAM cross-site scripting vulnerability (CNVD-2020-34452)

phpIPAM is a set of open source PHP and MySQL based IP address management application IPAM. A cross-site scripting vulnerability exists in phpIPAM version 1.4. The vulnerability stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit the vulnerabili...

4.8CVSS6.3AI score0.00611EPSS
Exploits1References1
CNVD
CNVD
added 2020/05/08 12:0 a.m.2 views

LeptonCMS Cross-Site Scripting Vulnerability (CNVD-2020-35502)

LeptonCMS is a content management system CMS for the Lepton Project. A cross-site scripting vulnerability exists in LeptonCMS versions prior to 4.6.0. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to...

6.1CVSS6.3AI score0.00641EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/08 12:0 a.m.1 views

PHP-Fusion Cross-Site Scripting Vulnerability

PHP-Fusion is a Malaysian PHP-Fusion company based on MySql and PHP open source lightweight content management system . The system contains modules such as news, articles and forums. A cross-site scripting vulnerability exists in PHP-Fusion version 9.03.50. The vulnerability stems from the lack o...

6.1CVSS6.4AI score0.00924EPSS
Exploits1References1
CNVD
CNVD
added 2020/05/06 12:0 a.m.8 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2021-28035)

NETGEAR R9000, R7800 and R7500 are a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products. The vulnerability stems from the lack of proper validation of client data by the WEB application. An attacker can exploit this vulnerability to execute...

6.1CVSS6.1AI score0.00647EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/30 12:0 a.m.1 views

SUAP Cross-Site Scripting Vulnerability

SUAP is a unified public management system of the Brazilian IT Management Board DIGTI. The system supports functions such as personnel management, property control, warehouse management, extended project management and document agreement management. A cross-site scripting vulnerability exists in...

5.4CVSS6.4AI score0.00551EPSS
Exploits0
CNVD
CNVD
added 2020/04/26 12:0 a.m.2 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-25840)

NETGEAR EX7000 and others are a wireless network signal extender from NETGEAR. A cross-site scripting vulnerability exists in several NETGEAR products. The vulnerability stems from the lack of proper validation of client data by the WEB application, which can be exploited by an attacker to execut...

6.1CVSS6.4AI score0.00647EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/24 12:0 a.m.7 views

Fifthplay S.A.M.I Cross-Site Scripting Vulnerability

Fifthplay S.A.M.I is a management interface used in Fifthplay products from Fifthplay Belgium. A cross-site scripting vulnerability exists in versions prior to Fifthplay S.A.M.I 2019.3HP2. The vulnerability stems from the WEB application lacking proper validation of client data. An attacker can...

6.1CVSS6.1AI score0.00672EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/21 12:0 a.m.4 views

Zulip server cross-site scripting vulnerability (CNVD-2020-33258)

Zulip server is an open source team chat application from the American company Zulip. A cross-site scripting vulnerability exists in Zulip Server versions prior to 2.1.3. The vulnerability stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit this...

5.4CVSS6.3AI score0.00723EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/17 12:0 a.m.2 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-27301)

The NETGEAR R8900, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in several NETGEAR products, which stems from the lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client code...

4.8CVSS6.4AI score0.00522EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/17 12:0 a.m.7 views

Dolibarr ERP/CRM Admin Tools Cross-Site Scripting Vulnerability

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, etc. Admin Tools is one of the management tools. A cross-site scripting...

5.4CVSS5.2AI score0.00698EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/16 12:0 a.m.2 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-27218)

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products, which stems from a lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client-side code...

6CVSS6.5AI score0.00439EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/16 12:0 a.m.2 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-26944)

NETGEAR D7800 and others are products of NETGEAR, Inc.NETGEAR D7800 is a wireless modem.NETGEAR R7500 is a wireless router.NETGEAR XR500 is a wireless router.NETGEAR R7500 is a wireless router.NETGEAR R7500 is a wireless router.NETGEAR R7500 is a wireless router.NETGEAR R7500 is a wireless...

6CVSS6.4AI score0.00439EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/16 12:0 a.m.1 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-24411)

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products, which stems from a lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client-side code...

6CVSS6.5AI score0.00482EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/15 12:0 a.m.3 views

Torchbox Wagtail Cross-Site Scripting Vulnerability

Torchbox Wagtail is an open source content management system CMS from Torchbox UK. A cross-site scripting vulnerability exists in Torchbox Wagtail version 2.8.1 and versions prior to 2.7.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

6.8CVSS6.3AI score0.01273EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/15 12:0 a.m.3 views

SAP NetWeaver AS ABAP Cross-Site Scripting Vulnerability

SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. A cross-site scripting vulnerability exists in SAP NetWeaver AS ABAP Business Server Pages application CRMBSPFRAME. The vulnerability stems from a lack of proper...

6.1CVSS6.3AI score0.00654EPSS
Exploits0
CNVD
CNVD
added 2020/04/13 12:0 a.m.2 views

Vastgota-Data ProVide Admin Web Interface Cross-Site Scripting Vulnerability

Vastgota-Data ProVide is a file transfer server with a graphical user interface from Vastgota-Data, Sweden. A cross-site scripting vulnerability exists in the Admin Web Interface in Vastgota-Data ProVide 13.1 and earlier versions. The vulnerability stems from a lack of proper validation of client...

6.1CVSS6.3AI score0.00678EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/01 12:0 a.m.1 views

IBM WebSphere Application Server Liberty Cross-Site Scripting Vulnerability (CNVD-2020-22194)

IBM WebSphere Application Server Liberty is a U.S. IBM company built on the Open Liberty project on top of the Java application server . A cross-site scripting vulnerability exists in IBM WebSphere Application Server Liberty. The vulnerability stems from a lack of proper validation of client-side...

6.1CVSS8.7AI score0.00797EPSS
Exploits0References1
Rows per page
Query Builder