88 matches found
CVE-2020-23655
NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Configuration."...
phpMyFAQ 2.9.8 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website:...
phpMyFAQ 2.9.8 - Cross-Site Scripting (2)
phpMyFAQ 2.9.8 - Cross-Site Scripting 2 Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website:...
phpMyFAQ 2.9.8 Cross Site Scripting
Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps CVE: CVE-2017-1461...
phpMyFAQ 2.9.8 - Cross-Site Scripting (2)
Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps CVE: CVE-2017-1461...
Cross-site Scripting (XSS)
phpMyFAQ is vulnerable to cross-site scripting XSS attacks. The library does not escape the Title of your FAQ field in the Configuration module, allowing a malicious user to inject and execute arbitrary web script...
phpMyFAQ cross-site scripting vulnerability (CNVD-2017-34019)
phpMyFAQ is phpMyFAQ team developed a set of open source fully database-driven FAQ question and answer system . The system supports multiple languages, multiple databases, etc., and includes modules such as content management system and community. A cross-site scripting vulnerability exists in...
CVE-2017-14619
Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...
Cross site scripting
Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...
CVE-2017-14619
Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...
CVE-2017-14619
Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...
phpmyfaq -- multiple issues
phpmyfaq developers report: Cross-site scripting XSS vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action. Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allow...
CVE-2014-2045
Multiple cross-site scripting XSS vulnerabilities in the old and new interfaces in Viprinet Multichannel VPN Router 300 allow remote attackers to inject arbitrary web script or HTML via the username when 1 logging in or 2 creating an account in the old interface, 3 username when creating an accou...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the administrative backend in MyBB aka MyBulletinBoard before 1.8.4 allow remote authenticated users to inject arbitrary web script or HTML via the 1 MIME-type field in an add action in the config-attachmenttypes module to admin/index.php; 2...
CVE-2014-100005
Multiple cross-site request forgery CSRF vulnerabilities in D-Link DIR-600 router rev. Bx with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for requests that 1 create an administrator account or 2 enable remote management via a crafted configuratio...
CVE-2014-100005
Multiple cross-site request forgery CSRF vulnerabilities in D-Link DIR-600 router rev. Bx with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for requests that 1 create an administrator account or 2 enable remote management via a crafted configuratio...
Updated kdebase4-workspace packages fix security vulnerability and various bugs
This update fixes a security vulnerability in the KDE workspace configuration module for setting the date and time CVE-2014-8651, mga14578, and fixes some additional issues: - fix foreground color for GTK2 menus bko127861, - improve contrast for rendering checkbox marks, arrows, etc. bko337433,...
Updated kdebase4-workspace packages fix security vulnerability and various bugs
This update fixes a security vulnerability in the KDE workspace configuration module for setting the date and time CVE-2014-8651, mga14487, and fixes some additional issues: - fix kcm botching unrelated user settings mga3310, bko254430, - do not popup during initialization 0 B Removable media...
CVE-2012-5316
Multiple cross-site scripting XSS vulnerabilities in Barracuda Spam & Virus Firewall 600 Firmware 4.0.1.009 and earlier allow remote authenticated users to inject arbitrary web script or HTML via 1 Troubleshooting in the Trace route Device module or 2 LDAP Username in the LDAP Configuration modul...
Code injection
The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors...