Lucene search
K

237 matches found

CNVD
CNVD
added 2021/10/28 12:0 a.m.16 views

Shopware Cross-Site Scripting Vulnerability (CNVD-2021-103572)

Shopware is a suite of open source e-commerce software from the German company Shopware.Shopware in versions prior to 5.7.6 suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the...

5.7CVSS3.4AI score0.00737EPSS
Exploits0References1
CNVD
CNVD
added 2021/10/21 12:0 a.m.5 views

IBM QRadar Advisor with Watson Cross-Site Scripting Vulnerability

IBM QRadar Advisor with Watson is a suite of security threat analysis solutions from IBM USA. The product includes features such as security threat response and threat probing. A security vulnerability exists in IBM QRadar Advisor with Watson, which stems from the lack of proper validation of...

6.1CVSS6.7AI score0.00632EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/21 12:0 a.m.4 views

Hcl Technologies Hcl Connections 跨站脚本漏洞

Hcl Technologies Hcl Connections is a Web 2.0 enterprise collaboration platform application from Hcl Technologies, India. It is used to help teams become more productive. HCL Connections suffers from a cross-site scripting vulnerability that stems from the application's lack of proper validation ...

5.4CVSS5.6AI score0.00451EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/19 12:0 a.m.3 views

Snipe-IT 跨站脚本漏洞

Snipe-IT is an open source IT asset/license management system. snipe-IT has a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in the WEB application, which can be exploited by attackers to execute client-side code...

6.8CVSS5.3AI score0.00803EPSS
Exploits1References4
CNVD
CNVD
added 2021/10/11 12:0 a.m.6 views

Tad Book3 Cross-Site Scripting Vulnerability

Tad Book3 is an XOOPS module by the individual developer of Tad in Taiwan, China, which can be used to write books, handouts, and as a notepad. Tad Book3 suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An...

6.1CVSS6.3AI score0.00612EPSS
Exploits0References1
CNVD
CNVD
added 2021/10/11 12:0 a.m.3 views

Tad TadTools Cross-Site Scripting Vulnerability

Tad TadTools is a module toolkit for individual developers at Tad in Taiwan, China. Used for module development, it can dramatically reduce the size of each module and speed up the development process. Tad TadTools suffers from a cross-site scripting vulnerability that originates from the lack of...

6.1CVSS6.3AI score0.00722EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/08 12:0 a.m.4 views

Tad TadTools 跨站脚本漏洞

Tad TadTools is a module toolkit for individual developers at Tad in Taiwan, China. Used for module development, it can dramatically reduce the size of each module and speed up the development process. Tad TadTools suffers from a cross-site scripting vulnerability that originates from the lack of...

6.1CVSS6AI score0.00722EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/04 12:0 a.m.6 views

WordPress Modern Events Calendar Lite 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.The WordPress plugin Modern Events Calendar Lite has a cross-site scripting vulnerability that stems fro...

4.8CVSS5.4AI score0.00598EPSS
Exploits2References2
CNNVD
CNNVD
added 2021/09/27 12:0 a.m.2 views

WordPress 插件 跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress plugin WP Map Block, which stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit this vulnerability to execute...

5.4CVSS5.6AI score0.00604EPSS
Exploits2References2
CNNVD
CNNVD
added 2021/09/21 12:0 a.m.6 views

Jsuites 跨站脚本漏洞

Jsuites is a set of lightweight, commonly used javascript web components. A cross-site scripting vulnerability exists in jsuites, which stems from the lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to execute client-side code...

8.7CVSS5.6AI score0.01027EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/09/20 12:0 a.m.4 views

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

6.1CVSS6.1AI score0.0157EPSS
Exploits2References2
CNNVD
CNNVD
added 2021/09/10 12:0 a.m.3 views

WordPress 插件 跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. The WordPress Notices plugin suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute...

6.1CVSS6.1AI score0.00895EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/09/10 12:0 a.m.3 views

WordPress 插件 跨站脚本漏洞

WordPress Plugin is an open source application plugin for WordPress. The WordPress YouTube Video Inserter plugin suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to...

6.1CVSS6.1AI score0.00938EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/09/08 12:0 a.m.6 views

Palo Alto Networks PAN-OS 跨站脚本漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. Palo Alto Networks PAN-OS suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data by the WEB application. An attacker cou...

8CVSS6.5AI score0.00628EPSS
Exploits0References5
CNVD
CNVD
added 2021/08/31 12:0 a.m.13 views

ZOHO ManageEngine Log360 Cross-Site Scripting Vulnerability (CNVD-2021-67511)

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.A cross-site...

6.1CVSS1.8AI score0.00821EPSS
Exploits0References1
CNVD
CNVD
added 2021/08/27 12:0 a.m.16 views

Six Apart Movable Type Cross-Site Scripting Vulnerability (CNVD-2022-22647)

Six Apart Movable Type MT is a blogging system from Six Apart, a US-based company. A cross-site scripting vulnerability exists in Six Apart Movable Type, which stems from the lack of proper validation of client-side data in the WEB application and can be exploited to inject arbitrary script or HT...

6.1CVSS2AI score0.009EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/26 12:0 a.m.7 views

HotelDruid 跨站脚本漏洞

HotelDruid is a hotel management system by the Digitaldruid.net team. The system includes features such as room management, financial management and inventory management. Digital Druid HotelDruid 3.0.2 suffers from a cross-site scripting vulnerability that stems from a lack of proper validation o...

6.1CVSS6.1AI score0.01005EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/08/25 12:0 a.m.5 views

Six Apart Movable Type 跨站脚本漏洞

Six Apart Movable Type MT is a blogging system from Six Apart, a US-based company. The system includes multi-user, commenting, quoting and theming features.Six Apart Movable Type suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client-side data in...

6.1CVSS5.4AI score0.00904EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/08/25 12:0 a.m.5 views

Six Apart Movable Type 跨站脚本漏洞

Six Apart Movable Type MT is a blogging system from Six Apart, a US-based company. A cross-site scripting vulnerability exists in Six Apart Movable Type, which stems from the lack of proper validation of client-side data in the WEB application and can be exploited to inject arbitrary script or HT...

6.1CVSS5.4AI score0.009EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/08/19 12:0 a.m.5 views

Phpgurukul Vehicle Parking Management System 跨站脚本漏洞

Phpgurukul Vehicle Parking Management System is a parking management system by the PHPGurukul Phpgurukul team. Phpgurukul Vehicle Parking Management System 1.0 suffers from a cross-site scripting vulnerability that stems from a lack of proper validation of client-side data by the web application...

4.8CVSS5.1AI score0.00611EPSS
Exploits1References1
Rows per page
Query Builder