30 matches found
Dart Cross-Site Scripting Vulnerability
Dart is an open source programming language. A cross-site scripting vulnerability exists in Dart. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...
Contao Cross-Site Scripting Vulnerability
Contao is an open source content management system CMS developed using PHP. The system supports search engine , rights management and CSS framework . A cross-site scripting vulnerability exists in Contao versions prior to 4.5.7, which stems from a lack of proper validation of client-side data by...
PrimeTek PrimeFaces Cross-Site Scripting Vulnerability
Primetek Primefaces is an open source use in the Java EE system UI library . A cross-site scripting vulnerability in the tooltip/tooltip.js file in PrimeTek PrimeFaces version 7.0.11, which stems from a lack of proper validation of client-side data in a WEB application, can be exploited by an...
MassCode Cross-Site Scripting Vulnerability
massCode is the open source code segment manager. A cross-site scripting vulnerability exists in massCode version 1.0.0-alpha.6, which stems from the lack of proper validation of client-side data in a web application and can be exploited by an attacker to execute client-side code...
Nokia IMPACT Cross-Site Scripting Vulnerability
Nokia IMPACT is a suite of intelligent management platforms for the Internet of Things IoT from the Finnish company Nokia. A cross-site scripting vulnerability exists in Nokia IMPACT. The vulnerability stems from the lack of proper validation of client-side data by the web application. An attacke...
Rocket.Chat Cross-Site Scripting Vulnerability (CNVD-2019-36863)
Rocket.Chat is an open source team chat software. A cross-site scripting vulnerability exists in versions of Rocket.Chat prior to 2.1.0, which stems from a lack of proper validation of client-side data by the web application and can be exploited by an attacker to execute client-side code...
Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2019-15665)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A cross-site scripting vulnerability exists in Mozilla Firefox versions prior to 67, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit thi...
Joomla! cross-site scripting vulnerability (CNVD-2019-15713)
Joomla! is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source , cross-platform content management system CMS. A cross-site scripting vulnerability exists in versions of Joomla! prior to 3.9.6. The vulnerability stems from a lack of proper validation of...
phpads 2.0 - Multiple Vulnerabilities
Vendor: http://blondish.net Versions: PHPAds 2.0 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=8 ---- First, we need to acquire administrative access. We point our browser at...
Silentum Uploader 1.4.0 File Deletion
Vendor: http://hypersilence.net Versions: Silentum Uploader 1.4.0 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/advisories.php?id=2 ---- Due to insufficient validation of client-side data, we can alter the path of files to be...