IBM Maximo Asset Management Cross-Site Scripting Vulnerability (CNVD-2021-71525)

IBM Maximo Asset Management is a comprehensive solution for asset-intensive industries to manage enterprise physical assets through a public platform. IBM Maximo Asset Management version 7.6.0, 7.6.1 contains a cross-site scripting vulnerability that stems from the lack of proper validation of...

ZOHO ManageEngine Log360 Cross-Site Scripting Vulnerability

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. A cross-site scripting vulnerability exists in ZOHO ManageEngine Log360, which stems from the product's failure to validate user data. An attacker could execute client-side...

ZOHO ManageEngine Log360 跨站脚本漏洞

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. A cross-site scripting vulnerability exists in ZOHO ManageEngine Log360, which stems from the product's failure to validate user data. An attacker could execute client-side...

WordPress plugin WPFront Scroll Top 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the...

EyouCMS Cross-Site Scripting Vulnerability (CNVD-2021-82434)

EyouCMS is an open source content management system CMS based on ThinkPHP.EyouCMS has a cross-site scripting vulnerability in version 1.3.6, which stems from a lack of validation of user input data and filtering of input data in the basicinformation area. An attacker could use this vulnerability ...

Zoo Management System 'Multiple' Cross-Site Scripting Vulnerability

Zoo Management System is a zoo management system. Zoo Management System 'Multiple' contains a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit this vulnerability to execute client-side code...

WordPress 插件跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin Multiplayer Games. The vulnerability stems from a lack of proper validation of client-side data in the web application. An attacker can exploit this vulnerabili...

Domainmod 跨站脚本漏洞

A cross-site scripting vulnerability exists in Domainmod, a PHP and MySQL-based open source application for managing domain names and other Internet assets in a central location from the Domainmod community, which stems from the lack of proper validation of client-side data by the web application...

Advantech WebAccess/SCADA Cross-Site Scripting Vulnerability (CNVD-2021-59236)

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, Taiwan, China. A cross-site scripting vulnerability exists in Advantech WebAccess/SCADA, which originates from UserExcelOut.asp failing to properly validate the correctness of user data. The...

Advantech WebAccess/SCADA 跨站脚本漏洞

Advantech WebAccess/SCADA is a set of SCADA software based on browser architecture from Advantech, Taiwan, China. A cross-site scripting vulnerability exists in Advantech WebAccess/SCADA, which originates from UserExcelOut.asp failing to properly validate the correctness of user data. The...

DELL Dell EMC iDRAC9 Cross-Site Scripting Vulnerability (CNVD-2021-94891)

DELL Dell EMC iDRAC9 is a system management solution comprising hardware and software from Dell USA. The solution provides remote management, crash system recovery and power control for Dell PowerEdge systems. A cross-site scripting vulnerability exists in Dell EMC iDRAC9 in versions prior to...

Telegram Cross-Site Scripting Vulnerability

Telegram is an instant messaging mobile application. version 0.6.1 of Telegram Web K Alpha is vulnerable to a cross-site scripting vulnerability that stems from the fact that Telegram Web K Alpha allows XSS to pass through document names. An attacker could exploit the vulnerability to execute...

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin MyStickymenu, which stems from t...

WDScanner Cross-Site Scripting Vulnerability

WDScanner is an easy-to-use distributed web vulnerability detection system. version 1.1 of WDScanner has a cross-site scripting vulnerability in the system administration page, through which an attacker can execute client-side code...

Telegram 跨站脚本漏洞

Telegram is an instant messaging mobile application. version 0.6.1 of Telegram Web K Alpha is vulnerable to a cross-site scripting vulnerability that stems from the fact that Telegram Web K Alpha allows XSS to pass through document names. An attacker could exploit the vulnerability to execute...

WordPress Cross-site Request Forgery Vulnerability (CNVD-2021-59587)

WordPress is a set of blogging platforms developed by the WordPress Wordpress Foundation using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers.A cross-site request forgery vulnerability exists in the WooCommerce Stock Manager WordPress plugin,...

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55882)

NCH Axon PBX is a set of virtual telephone switch software used in commercial environments. The software is primarily used to manage telephone call centers and implements the functionality of a telephone switch in software.A cross-site scripting vulnerability exists in NCH Axon PBX, which stems...

NCH Quorum Cross-Site Scripting Vulnerability

NCH Quorum is a teleconference server software. It can turn any computer into a conference call server. A cross-site scripting vulnerability exists in NCH Quorum, which stems from the product's /conferencebrowseuploadfile?confid=failure to properly handle user input data and can be exploited to...

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55884)

NCH Axon PBX is a virtual phone switch software used in business environments. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems from the failure of the product's primary phone to properly filter incoming data for special characters, which can be exploited to execute...

NCH Axon PBX Cross-Site Scripting Vulnerability (CNVD-2021-55883)

NCH Axon PBX is a set of virtual telephone switch software used in a business environment. A cross-site scripting vulnerability exists in NCH Axon PBX, which stems from the fact that the product's customer name does not properly filter special characters in the input data and can be exploited to...