Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:54 p.m.10 views

CVE-2020-25476

Liferay CMS Portal version 7.1.3 and 7.2.1 have a blind persistent cross-site scripting XSS vulnerability in the user name parameter to Calendar. An attacker can insert the malicious payload on the username, lastname or surname fields of its own profile, and the malicious payload will be injected...

6.1CVSS5.8AI score0.00941EPSS
Exploits0
Openbugbounty
Openbugbounty
added 2023/07/14 8:31 a.m.17 views

cmsportaledc1.cms.gov Cross Site Scripting vulnerability OBB-3515824

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
OSV
OSV
added 2021/01/07 5:15 p.m.15 views

CVE-2020-25476

Liferay CMS Portal version 7.1.3 and 7.2.1 have a blind persistent cross-site scripting XSS vulnerability in the user name parameter to Calendar. An attacker can insert the malicious payload on the username, lastname or surname fields of its own profile, and the malicious payload will be injected...

6.1CVSS6.1AI score
Exploits0References3
CVE
CVE
added 2021/01/07 4:4 p.m.65 views

CVE-2020-25476

CVE-2020-25476 affects Liferay CMS Portal versions 7.1.3 and 7.2.1 via a blind persistent XSS in the Calendar module’s handling of the username/lastname/surname fields in user profiles. The vulnerability allows an attacker to inject payloads that are reflected in the attacker’s own calendar and c...

6.1CVSS6.2AI score0.00941EPSS
Exploits0References3Affected Software1
0day.today
0day.today
added 2011/08/04 12:0 a.m.20 views

DZYGroup CMS Portal Multiple SQL Injection Vulnerabilities

Exploit for php platform in category web applications .. . || | | | | | | | | / | | \ | \ \ / | |/ // \ \ | | || Y Y \ | / Y / \ | | \ | / / / / / / .org Archieve an Resource About Hacking Exploit Title: DZYGroup Portal Remote Sql Injection Vulnerability Author: Netrondoank Aka netron...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2011/08/04 12:0 a.m.20 views

DZYGroup CMS Portal - Multiple SQL Injections

DZYGroup CMS Portal - Multiple SQL Injections .. . || | | | | | | | | / | | \ | \ \ / | |/ // \ \ | | || Y Y \ | / Y / \ | | \ | / / / / / / .org Archieve an Resource About Hacking Exploit Title: DZYGroup Portal Remote Sql Injection Vulnerability Author: Netrondoank Aka netron home...

0.3AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2011/08/01 12:0 a.m.81 views

Douran CMS V3.9.8.0 - Directory Traversal Vulnerability

Document Title: =============== Douran CMS V3.9.8.0 - Directory Traversal Vulnerability Release Date: ============= 2011-08-01 Vulnerability Laboratory ID VL-ID: ==================================== 243 Abstract Advisory Information: ============================== The vulnerability laboratory...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2009/05/13 12:0 a.m.64 views

(GET var 'member') BLIND SQL INJECTION EXPLOIT --FAMILY CONNECTIONS <= v1.9 -->

!/usr/bin/perl -------------------------------------------------------------------------------- GET var 'member' BLIND SQL INJECTION EXPLOIT --FAMILY CONNECTIONS = v1.9 -- -------------------------------------------------------------------------------- CMS INFORMATION: --WEB:...

8.1AI score
Exploits0
Rows per page
Query Builder