Microweber Cross-Site Scripting Vulnerability (CNVD-2022-15527)

Microweber is an online store management system from the Microweber community in the United States that provides drag-and-drop functionality. The system includes modules for adding products, images, etc. A cross-site scripting vulnerability exists in GitHub, which stems from the lack of proper...

Tricentis qTest Cross-Site Scripting Vulnerability

Tricentis qTest is used by Tricentis to centrally manage and understand software testing activities from conception to production. qTest has a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application, which can be exploited by...

Librenms Cross-Site Scripting Vulnerability (CNVD-2022-15529)

Librenms is a PHP and MySQL based open source network monitoring system from the Librenms community. The system features custom alerts, auto-discovery of network environments and automatic updates.Librenms suffers from a cross-site scripting vulnerability that stems from the lack of proper...

Checkmk Cross-Site Scripting Vulnerability (CNVD-2022-17021)

Checkmk is an editor. A cross-site scripting vulnerability exists in Checkmk versions 2.0.0p19 and earlier and 1.6.0p27 and earlier, which stems from the lack of proper validation of client-side data by the web application. An attacker could exploit this vulnerability to execute client-side code...

FUEL CMS Cross-Site Scripting Vulnerability (CNVD-2022-71119)

FUEL CMS is a content management system CMS based on the Codelgniter framework. version 1.5.1 of FUEL CMS suffers from a cross-site scripting vulnerability, which stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerability to...

Checkmk Cross-Site Scripting Vulnerability (CNVD-2022-21231)

Checkmk is an editor. A cross-site scripting vulnerability exists in Checkmk, which stems from Checkmk version = 2.0.0p19. When creating or editing user properties, Help Text is affected by HTML injection, which can be triggered when editing a user. An attacker could use this vulnerability to...

WordPress 跨站脚本漏洞

WordPress is the WordPress Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. wordpress Ad Inserterr has a cross-site scripting vulnerability, which stems from the product not outputting the...

livehelperchat Cross-Site Scripting Vulnerability (CNVD-2022-13080)

livehelperchat is available through Live Helper Chat, which provides free live support on the website. livehelperchat 3.93v previously had a cross-site scripting vulnerability that stemmed from the lack of proper validation of client-side data by the WEB application, which could be exploited by a...

Pybbs Cross-Site Scripting Vulnerability

Pybbs is a community forum for more practical Java development. A cross-site scripting vulnerability exists in Pybbs, which stems from the product's search box not effectively handling special characters in user input data. An attacker can exploit this vulnerability to execute client-side code...

K-Box Cross-Site Scripting Vulnerability

K-Box is a web-based application used to manage document, image, video and geographic data. A cross-site scripting vulnerability exists in K-Box, which stems from the fact that the editors of the product's user document summaries and markdown file previews do not securely handle special character...

Taocms Cross-Site Scripting Vulnerability (CNVD-2022-11522)

Taocms is a micro Cms content management system in China. Taocms suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to execute client-side code...

Pimcore Cross-Site Scripting Vulnerability (CNVD-2022-22706)

Pimcore is an open source Web content management platform for creating and managing Web applications from Pimcore Austria. The platform integrates Web content management, e-commerce frameworks and product information management applications.Pimcore has a cross-site scripting vulnerability that...

MiniCMS Cross-Site Scripting Vulnerability (CNVD-2022-11519)

MiniCMS is a content management system CMS designed for personal websites. miniCMS has a security vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to execute client-side code...

microweber cross-site scripting vulnerability (CNVD-2022-12763)

Microweber is an online store management system from the Microweber community in the United States that provides drag-and-drop functionality. The system includes modules for adding products, images, etc. A cross-site scripting vulnerability exists in microweber, which stems from the product's...

Pybbs 跨站脚本漏洞

Pybbs is a community forum for more practical Java development. A cross-site scripting vulnerability exists in Pybbs, which stems from the product's search box not effectively handling special characters in user input data. An attacker can exploit this vulnerability to execute client-side code...

Pimcore Cross-Site Scripting Vulnerability (CNVD-2022-22707)

Pimcore is an open source Web content management platform for creating and managing Web applications from Pimcore Austria. The platform integrates Web content management, e-commerce frameworks and product information management applications.Pimcore has a cross-site scripting vulnerability that...

Gitea Cross-Site Scripting Vulnerability (CNVD-2022-11525)

A cross-site scripting vulnerability exists in Gitea, a Go-based lightweight git service developed by the Gitea community. The vulnerability stems from a mirror setting in the product wiki/issue link that does not effectively handle special characters in the input data. An attacker could execute...

Django Cross-Site Scripting Vulnerability (CNVD-2022-31853)

Django is the Django Foundation's set of open source web application framework based on the Python language. The framework includes an object-oriented mapper, view system, template system, etc. A cross-site scripting vulnerability exists in Django, which stems from the product's % debug %...

Gitea 安全漏洞

Gitea is a lightweight Go-based git service developed by the Gitea community. A security vulnerability exists in Gitea, which stems from the failure of some of the product's user APIs to determine that a request originates from a trusted user. The vulnerability can be exploited to execute...

Gitea 跨站脚本漏洞

A cross-site scripting vulnerability exists in Gitea, a Go-based lightweight git service developed by the Gitea community. The vulnerability stems from a mirror setting in the product wiki/issue link that does not effectively handle special characters in the input data. An attacker could execute...