868 matches found
DIGISOL SYSTEMS Wireless Wifi Home Router HR-3300 Cross-Site Scripting Vulnerability
DIGISOL SYSTEMS Wireless Wifi Home Router HR-3300 is a home wireless router from DIGISOL SYSTEMS India. A cross-site scripting vulnerability exists in the DIGISOL SYSTEMS Wireless Wifi Home Router HR-3300. The vulnerability stems from the lack of proper validation of client data by the WEB...
Cross-site scripting vulnerability in multiple F5 products (CNVD-2019-32053)
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A cross-site scripting vulnerability exists in multiple F5 products. An attacker can exploit the vulnerability to execute...
Stormshield Network Security Cross-Site Scripting Vulnerability
Stormshield Network Security is a next-generation UTM Unified Threat Management firewall from Stormshield France. A cross-site scripting vulnerability exists in the command line interface of the SNS web server in Stormshield Network Security versions 2.0.0 through 2.13.0 and 3.0.0 through 3.7.1...
GLPI Cross-Site Scripting Vulnerability (CNVD-2019-21438)
Teclib GLPI is an open source IT asset management suite from the French company Teclib. The suite includes features such as device status management, asset inventory storage, management processes and work log management. A cross-site scripting vulnerability exists in the inc/user.class.php file i...
Linear eMerge E3-Series Cross-Site Scripting Vulnerability
The Nortek Security & Control Linear eMerge E3-Series is an access control device from Nortek Security & Control USA. A cross-site scripting vulnerability exists in the Linear eMerge E3-Series. The vulnerability stems from a lack of proper validation of client data by the web application. An...
mxGraph Cross-Site Scripting Vulnerability
mxGraph is a JavaScript charting library . A cross-site scripting vulnerability exists in mxGraph 4.0.0 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute client-side code...
Grouptime Teamwire Client Cross-Site Scripting Vulnerability
Grouptime Teamwire Client is an enterprise messaging client application from Grouptime Germany. A cross-site scripting vulnerability exists in the admin interface in Grouptime Teamwire Client. The vulnerability stems from a lack of proper validation of client-side data by the web application. An...
Magento cross-site scripting vulnerability (CNVD-2019-26238)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engine and payment gateway and other functions. There is a cross-site scripting vulnerability in Magento , the vulnerability stems from the lack of proper validati...
Magento cross-site scripting vulnerability (CNVD-2019-26236)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. A cross-site scripting vulnerability exists in Magento version 2.1.18 before version 2.1, version 2.2.9 before...
Magento cross-site scripting vulnerability (CNVD-2019-26230)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engine and payment gateway and other functions. There is a cross-site scripting vulnerability in Magento , the vulnerability stems from the lack of proper validati...
Magento cross-site scripting vulnerability (CNVD-2019-26223)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . A cross-site scripting vulnerability exists in Magento Open Source versions prior to 1.9.4.2 and Magento Commerc...
Magento cross-site scripting vulnerability (CNVD-2019-26243)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . There is a cross-site scripting vulnerability in Magento , the vulnerability stems from the lack of proper...
Cross-site scripting vulnerability in multiple Zyxel devices
ZyXEL ZyWall 310 and others are products of Taiwan, China-based ZyXEL Corporation.ZyXEL ZyWall 310 is a 310 series VPN firewall appliance.ZyXEL ZyWall 110 is a 110 series VPN firewall appliance.ZyXEL USG1900 is a next-generation unified security gateway appliance. Zyxel ZyWall A cross-site...
Magento cross-site scripting vulnerability (CNVD-2019-26222)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions . A cross-site scripting vulnerability exists in Magento Open Source, Magento Commerce and Magento. The...
Magento cross-site scripting vulnerability (CNVD-2019-26221)
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. A cross-site scripting vulnerability exists in the admin panel in Magento Open Source versions prior to 1.9.4.2 a...
b3log Solo Cross-Site Scripting Vulnerability
b3log Solo is an open source blogging system. A cross-site scripting vulnerability exists in the input page under the Publish Articles menu in b3log Solo version 2.9.3. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit thi...
CVE-2017-9390
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a shell script called connect.sh which is supposed to return a specific cookie for the user when the user is authenticated to https://home.getvera.com. One of the parameters retrieved by this script ...
Input validation
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a shell script called connect.sh which is supposed to return a specific cookie for the user when the user is authenticated to https://home.getvera.com. One of the parameters retrieved by this script ...
CVE-2017-9390
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a shell script called connect.sh which is supposed to return a specific cookie for the user when the user is authenticated to https://home.getvera.com. One of the parameters retrieved by this script ...
Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2019-34776)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A cross-site scriptin...