CVE-2024-26135 MeshCentral cross-site websocket hijacking (CSWSH) vulnerability

MeshCentral is a full computer management web site. Versions prior to 1.1.21 a cross-site websocket hijacking CSWSH vulnerability within the control.ashx endpoint. This component is the primary mechanism used within MeshCentral to perform administrative actions on the server. The vulnerability is...

WordPress Quotes llama plugin跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Quotes llama plugin 0.7 and earlier versions have a cross-site scripting vulnerability that...

Badminton Center Management System跨站脚本漏洞

Badminton Center Management System is a badminton center management system from Carlo Montero's personal developer. Badminton Center Management System is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and output for the...

WordPress AdRotate plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. Cross-site scripting vulnerabilities exist in versions of WordPress AdRotate plugin prior to 5.8.23, which st...

WordPress Page Security & Membership plugin cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Page Security & Membership plugin, which stems from the fact that the plugin does not...

Hospital Management System Cross-Site Scripting Vulnerability (CNVD-2022-67484)

HealthNode Hospital Management System is a hospital management system. The system includes patient information management, ward management, surgery schedule management and financial management, etc. A cross-site scripting vulnerability exists in Hospital Management System v1.0, which stems from t...

XWiki Platform Cross-Site Scripting Vulnerability (CNVD-2022-13407)

Xwiki Platform is a wiki platform for creating web collaboration applications from the French company Xwiki. XWiki Platform is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and output in registerinline, which could be...