26 matches found
CVE-2021-41461
Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the mode parameter...
EUVD-2021-28492
Malicious code in bioql PyPI...
EUVD-2021-28490
Malicious code in bioql PyPI...
CVE-2021-41464
Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...
CVE-2021-41463
Cross-site scripting XSS vulnerability in toos/permissions/dialogs/access/entity/types/groupcombination.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the cID parameter...
CVE-2021-41464
Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...
CVE-2021-41463
Cross-site scripting XSS vulnerability in toos/permissions/dialogs/access/entity/types/groupcombination.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the cID parameter...
CVE-2021-41465
Cross-site scripting XSS vulnerability in concrete/elements/collectiontheme.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...
CVE-2021-41464
Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...
CVE-2021-41462
Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the ctID parameter...
CVE-2021-41461
Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the mode parameter...
CVE-2021-41462
Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the ctID parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the ctID parameter...
CVE-2021-41465
Cross-site scripting XSS vulnerability in concrete/elements/collectiontheme.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the mode parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in concrete/elements/collectionadd.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in concrete/elements/collectiontheme.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in toos/permissions/dialogs/access/entity/types/groupcombination.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the cID parameter...
CVE-2021-41465
Cross-site scripting XSS vulnerability in concrete/elements/collectiontheme.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter...
CVE-2021-41464
CVE-2021-41464 affects concrete5-legacy 5.6.4.0 and earlier; Cross-site scripting via concrete/elements/collection_add.php (rel parameter) allows remote attackers to inject arbitrary web script/HTML. This is confirmed by multiple sources (NVD, Red Hat, CNVD). The provided documents do not specify...