Seagate NAS OS Cross-Site Scripting Vulnerability

Seagate NAS OS is a NAS Network Attached Storage operating system from Seagate USA. A cross-site scripting vulnerability exists in the API error page in Seagate NAS OS version 4.3.15.1. The vulnerability stems from a lack of proper validation of client data by the WEB application. An attacker cou...

WordPress Kieran O'Shea Calendar Plugin Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Kieran O'Shea Calendar plugin prior to version 1.3.11. The...

IBM Jazz Reporting Service Cross-Site Scripting Vulnerability (CNVD-2019-13241)

IBM Jazz Reporting Service JRS is a suite of applications for discovering cross-project reports from IBM in the United States. A cross-site scripting vulnerability exists in IBM JRS Report Builder that stems from the WEB application failing to validate client-side data, which can be exploited by ...

Cybozu Garoon Cross-Site Scripting Vulnerability (CNVD-2019-12706)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A cross-site scripting vulnerability exists in Cybozu Garoon versions 4.0.0 through 4.6.3, which originates from ...

Symantec VIP Enterprise Gateway Cross-Site Scripting Vulnerability

Symantec VIP Enterprise Gateway is an enterprise security gateway product from Symantec USA. A cross-site scripting vulnerability exists in Symantec VIP Enterprise Gateway that stems from a lack of proper validation of client-side data by the WEB application. An attacker could exploit the...

WordPress Tribulant Slideshow Gallery plugin cross-site scripting vulnerability (CNVD-2019-30133)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.Tribulant Slideshow Gallery plugin is an image autoplay plugin used in it. A cross-site scripting vulnerability exists in...

waimai Super Cms Cross-Site Scripting Vulnerability (CNVD-2019-13569)

Waimai Super Cms is a takeaway ordering system. A cross-site scripting vulnerability exists in Waimai Super Cms version 20150505. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to execute client-side...

WordPress WP All Import plugin cross-site scripting vulnerability (CNVD-2019-30135)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WP All Import plugin is used in one of the file import plugin. A cross-site scripting vulnerability exists in WordPress WP All Import...

Apache Airflow Cross-Site Scripting Vulnerability (CNVD-2019-13853)

Apache Airflow is the United States Apache Apache Software Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A cross-site scripting vulnerability exists in the airflow webserver servi...

Cantemo Portal Cross-Site Scripting Vulnerability

Cantemo Portal is a media asset management portal system from the Cantemo team in Sweden. The system is primarily used to manage media files such as video, audio and still images. A cross-site scripting vulnerability exists in Cantemo Portal versions prior to 3.2.13, 3.3.x prior to 3.3.8, and 3.4...

WordPress wpape APE GALLERY plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wpape APE GALLERY plugin is an image management plugin used in it. A cross-site scripting vulnerability exists in the...

Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2019-10429)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A cross-site scriptin...

Roundup cross-site scripting vulnerability (CNVD-2019-09481)

Roundup is a command line, web and email issue tracking system. The system provides bug tracking, customer help desk and issue management. A cross-site scripting vulnerability exists in Roundup version 1.6, which stems from the failure of a WEB application to properly validate client-side data an...

IBM Rational DOORS Next Generation Cross-Site Scripting Vulnerability (CNVD-2019-09071)

IBM Rational DOORS Next Generation DNG/RRC is a suite of software for capturing, tracking, analyzing, and managing requirements from IBM, USA. The software provides a single platform for global team collaboration to manage requirements more efficiently, sharing unified users, servers and project...

D-Link DSL-3782 Cross-Site Scripting Vulnerability

The D-Link DSL-3782 is a wireless router from AUO D-Link of Taiwan, China. A cross-site scripting vulnerability exists in the web interface of the D-Link DSL-3782 using firmware version 1.01, which stems from the lack of proper validation of client data by the WEB application. An attacker could...

MyBB Cross-Site Scripting Vulnerability (CNVD-2021-25714)

MyBB MyBulletinBoard is the MyBB team developed a set of PHP and MySQL development of free and Web-based forum software. The software is easy to use , support for multiple languages , scalable and so on.ModCP Profile Editor is used in one of the ModCP configuration editor . The ModCP Profile Edit...

Palo Alto Networks Expedition Migration Tool Cross-Site Scripting Vulnerability (CNVD-2019-14249)

Palo Alto Networks Expedition Migration Tool is a security policy configuration migration tool from Palo Alto Networks, USA. A cross-site scripting vulnerability exists in Palo Alto Networks Expedition Migration Tool 1.1.8 and prior versions, which stems from a lack of proper validation of...

Drupal cross-site scripting vulnerability (CNVD-2019-12155)

Drupal is an open source content management system developed by the Drupal community using the PHP language. A cross-site scripting vulnerability exists in Drupal version 7 prior to 7.65, version 8.6 prior to 8.6.13, and version 8.5 prior to 8.5.14, which stems from a lack of proper validation of...

Frog CMS Cross-Site Scripting Vulnerability (CNVD-2019-34649)

Frog CMS is a Content Management System CMS developed by Philippe Archambault Software Developers. The system provides tools for page templates, user rights management and document management. A cross-site scripting vulnerability exists in Frog CMS. An attacker can exploit this vulnerability to...

Frog CMS Cross-Site Scripting Vulnerability (CNVD-2019-34648)

Frog CMS is a Content Management System CMS developed by Philippe Archambault Software Developers. The system provides tools for page templates, user rights management and document management. A cross-site scripting vulnerability exists in Frog CMS. An attacker can exploit this vulnerability to...