Lucene search
+L

88 matches found

Cvelist
Cvelist
added 2020/08/26 4:48 p.m.17 views

CVE-2020-23655

NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Configuration."...

5.4AI score0.00545EPSS
Exploits1References1
0day.today
0day.today
added 2017/10/13 12:0 a.m.43 views

phpMyFAQ 2.9.8 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website:...

4.3CVSS6.4AI score0.02168EPSS
Exploits4
exploitpack
exploitpack
added 2017/10/13 12:0 a.m.55 views

phpMyFAQ 2.9.8 - Cross-Site Scripting (2)

phpMyFAQ 2.9.8 - Cross-Site Scripting 2 Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website:...

4.3CVSS0.02168EPSS
Exploits4
Packet Storm
Packet Storm
added 2017/10/13 12:0 a.m.55 views

phpMyFAQ 2.9.8 Cross Site Scripting

Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps CVE: CVE-2017-1461...

4.3CVSS0.02168EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/10/13 12:0 a.m.45 views

phpMyFAQ 2.9.8 - Cross-Site Scripting (2)

Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps CVE: CVE-2017-1461...

6.1CVSS6.6AI score0.02168EPSS
Exploits4
Veracode
Veracode
added 2017/09/29 10:1 a.m.22 views

Cross-site Scripting (XSS)

phpMyFAQ is vulnerable to cross-site scripting XSS attacks. The library does not escape the Title of your FAQ field in the Configuration module, allowing a malicious user to inject and execute arbitrary web script...

6.1CVSS5.9AI score0.02168EPSS
Exploits4References4Affected Software1
CNVD
CNVD
added 2017/09/21 12:0 a.m.5 views

phpMyFAQ cross-site scripting vulnerability (CNVD-2017-34019)

phpMyFAQ is phpMyFAQ team developed a set of open source fully database-driven FAQ question and answer system . The system supports multiple languages, multiple databases, etc., and includes modules such as content management system and community. A cross-site scripting vulnerability exists in...

6.1CVSS6AI score0.02168EPSS
Exploits4References1
NVD
NVD
added 2017/09/20 9:29 p.m.37 views

CVE-2017-14619

Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...

6.1CVSS6AI score0.02168EPSS
Exploits4References4
Prion
Prion
added 2017/09/20 9:29 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...

4.3CVSS6AI score0.02168EPSS
Exploits4References4Affected Software1
OSV
OSV
added 2017/09/20 9:29 p.m.25 views

CVE-2017-14619

Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...

6.1CVSS5.7AI score
Exploits0References4
Cvelist
Cvelist
added 2017/09/20 9:0 p.m.36 views

CVE-2017-14619

Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...

6.2AI score0.02168EPSS
Exploits4References4
FreeBSD
FreeBSD
added 2017/09/20 12:0 a.m.29 views

phpmyfaq -- multiple issues

phpmyfaq developers report: Cross-site scripting XSS vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action. Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allow...

5.9AI score
Exploits0References2
NVD
NVD
added 2017/01/20 3:59 p.m.27 views

CVE-2014-2045

Multiple cross-site scripting XSS vulnerabilities in the old and new interfaces in Viprinet Multichannel VPN Router 300 allow remote attackers to inject arbitrary web script or HTML via the username when 1 logging in or 2 creating an account in the old interface, 3 username when creating an accou...

6.1CVSS6.2AI score0.04529EPSS
Exploits5References5
Prion
Prion
added 2015/03/18 2:59 p.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the administrative backend in MyBB aka MyBulletinBoard before 1.8.4 allow remote authenticated users to inject arbitrary web script or HTML via the 1 MIME-type field in an add action in the config-attachmenttypes module to admin/index.php; 2...

3.5CVSS5.6AI score0.01629EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2015/01/13 11:59 a.m.18 views

CVE-2014-100005

Multiple cross-site request forgery CSRF vulnerabilities in D-Link DIR-600 router rev. Bx with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for requests that 1 create an administrator account or 2 enable remote management via a crafted configuratio...

8CVSS7.2AI score0.42414EPSS
Exploits2References5
ATTACKERKB
ATTACKERKB
added 2015/01/13 12:0 a.m.23 views

CVE-2014-100005

Multiple cross-site request forgery CSRF vulnerabilities in D-Link DIR-600 router rev. Bx with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for requests that 1 create an administrator account or 2 enable remote management via a crafted configuratio...

8.8CVSS7.9AI score0.42414EPSS
In wildExploits2References6
Mageia
Mageia
added 2014/11/21 1:38 p.m.31 views

Updated kdebase4-workspace packages fix security vulnerability and various bugs

This update fixes a security vulnerability in the KDE workspace configuration module for setting the date and time CVE-2014-8651, mga14578, and fixes some additional issues: - fix foreground color for GTK2 menus bko127861, - improve contrast for rendering checkbox marks, arrows, etc. bko337433,...

7.2CVSS6.3AI score0.00388EPSS
Exploits0References5
Mageia
Mageia
added 2014/11/14 12:57 a.m.34 views

Updated kdebase4-workspace packages fix security vulnerability and various bugs

This update fixes a security vulnerability in the KDE workspace configuration module for setting the date and time CVE-2014-8651, mga14487, and fixes some additional issues: - fix kcm botching unrelated user settings mga3310, bko254430, - do not popup during initialization 0 B Removable media...

7.2CVSS6.3AI score0.00388EPSS
Exploits0References5
Cvelist
Cvelist
added 2012/10/08 5:0 p.m.19 views

CVE-2012-5316

Multiple cross-site scripting XSS vulnerabilities in Barracuda Spam & Virus Firewall 600 Firmware 4.0.1.009 and earlier allow remote authenticated users to inject arbitrary web script or HTML via 1 Troubleshooting in the Trace route Device module or 2 LDAP Username in the LDAP Configuration modul...

5.5AI score0.00976EPSS
Exploits1References4
Prion
Prion
added 2012/09/05 11:55 p.m.18 views

Code injection

The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors...

3.5CVSS6.5AI score0.00839EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder