235 matches found
Codeorigin Sysax Multi Server Cross-Site Scripting Vulnerability
Codeorigin Sysax Multi Server is an FTP File Transfer Protocol server and Shell server for Windows from Codeorigin USA. A cross-site scripting vulnerability exists in Codeorigin Sysax Multi Server version 6.90. The vulnerability stems from a lack of proper validation of client data by the WEB...
Grafana piechart-panel cross-site scripting vulnerability
Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus etc. piechart-panel is one of the pie chart plugin. A cross-site scripting vulnerability exists in Grafan...
Gila CMS Cross-Site Scripting Vulnerability (CNVD-2020-34658)
Gila CMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in Gila CMS versions prior to 1.11.6. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this...
phpIPAM cross-site scripting vulnerability (CNVD-2020-34452)
phpIPAM is a set of open source PHP and MySQL based IP address management application IPAM. A cross-site scripting vulnerability exists in phpIPAM version 1.4. The vulnerability stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit the vulnerabili...
LeptonCMS Cross-Site Scripting Vulnerability (CNVD-2020-35502)
LeptonCMS is a content management system CMS for the Lepton Project. A cross-site scripting vulnerability exists in LeptonCMS versions prior to 4.6.0. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to...
PHP-Fusion Cross-Site Scripting Vulnerability
PHP-Fusion is a Malaysian PHP-Fusion company based on MySql and PHP open source lightweight content management system . The system contains modules such as news, articles and forums. A cross-site scripting vulnerability exists in PHP-Fusion version 9.03.50. The vulnerability stems from the lack o...
Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2021-28035)
NETGEAR R9000, R7800 and R7500 are a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products. The vulnerability stems from the lack of proper validation of client data by the WEB application. An attacker can exploit this vulnerability to execute...
SUAP Cross-Site Scripting Vulnerability
SUAP is a unified public management system of the Brazilian IT Management Board DIGTI. The system supports functions such as personnel management, property control, warehouse management, extended project management and document agreement management. A cross-site scripting vulnerability exists in...
Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-25840)
NETGEAR EX7000 and others are a wireless network signal extender from NETGEAR. A cross-site scripting vulnerability exists in several NETGEAR products. The vulnerability stems from the lack of proper validation of client data by the WEB application, which can be exploited by an attacker to execut...
Fifthplay S.A.M.I Cross-Site Scripting Vulnerability
Fifthplay S.A.M.I is a management interface used in Fifthplay products from Fifthplay Belgium. A cross-site scripting vulnerability exists in versions prior to Fifthplay S.A.M.I 2019.3HP2. The vulnerability stems from the WEB application lacking proper validation of client data. An attacker can...
Zulip server cross-site scripting vulnerability (CNVD-2020-33258)
Zulip server is an open source team chat application from the American company Zulip. A cross-site scripting vulnerability exists in Zulip Server versions prior to 2.1.3. The vulnerability stems from the WEB application's lack of proper validation of client-side data. An attacker can exploit this...
Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-27301)
The NETGEAR R8900, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in several NETGEAR products, which stems from the lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client code...
Dolibarr ERP/CRM Admin Tools Cross-Site Scripting Vulnerability
Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, etc. Admin Tools is one of the management tools. A cross-site scripting...
Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-27218)
The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products, which stems from a lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client-side code...
Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-26944)
NETGEAR D7800 and others are products of NETGEAR, Inc.NETGEAR D7800 is a wireless modem.NETGEAR R7500 is a wireless router.NETGEAR XR500 is a wireless router.NETGEAR R7500 is a wireless router.NETGEAR R7500 is a wireless router.NETGEAR R7500 is a wireless router.NETGEAR R7500 is a wireless...
Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-24411)
The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products, which stems from a lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client-side code...
Torchbox Wagtail Cross-Site Scripting Vulnerability
Torchbox Wagtail is an open source content management system CMS from Torchbox UK. A cross-site scripting vulnerability exists in Torchbox Wagtail version 2.8.1 and versions prior to 2.7.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...
SAP NetWeaver AS ABAP Cross-Site Scripting Vulnerability
SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. A cross-site scripting vulnerability exists in SAP NetWeaver AS ABAP Business Server Pages application CRMBSPFRAME. The vulnerability stems from a lack of proper...
Vastgota-Data ProVide Admin Web Interface Cross-Site Scripting Vulnerability
Vastgota-Data ProVide is a file transfer server with a graphical user interface from Vastgota-Data, Sweden. A cross-site scripting vulnerability exists in the Admin Web Interface in Vastgota-Data ProVide 13.1 and earlier versions. The vulnerability stems from a lack of proper validation of client...
IBM WebSphere Application Server Liberty Cross-Site Scripting Vulnerability (CNVD-2020-22194)
IBM WebSphere Application Server Liberty is a U.S. IBM company built on the Open Liberty project on top of the Java application server . A cross-site scripting vulnerability exists in IBM WebSphere Application Server Liberty. The vulnerability stems from a lack of proper validation of client-side...