Lucene search
K

61 matches found

CNVD
CNVD
added 2016/07/19 12:0 a.m.4 views

HTML Injection Vulnerability in Multiple Pivotal Products

Pivotal Cloud Foundry is an open source Platform-as-a-Service PaaS cloud computing platform from Pivotal Software that provides container scheduling, continuous delivery, and automated service deployment.Pivotal Elastic Runtime is one of Pivotal Cloud Foundry's runtime environments. UAA User...

6.1CVSS6.8AI score0.00656EPSS
Exploits0References1
CNVD
CNVD
added 2015/08/21 12:0 a.m.4 views

Drupal Camtasia Relay Module Cross-Site Scripting Vulnerability

Drupal is an open source content management framework written in the PHP language. A cross-site scripting vulnerability exists in the Drupal Camtasia Relay Module, which can be exploited by an attacker to execute arbitrary script code in a browser to steal cookie-based authentication credentials...

4.3CVSS6.9AI score0.01184EPSS
Exploits0References1
CNVD
CNVD
added 2015/05/19 12:0 a.m.2 views

Amazon App Store Cross-Site Scripting Vulnerability

The Amazon App Store is a set of application stores from Amazon.com, Inc. in the United States. A cross-site scripting vulnerability exists in Amazon App Store. An attacker can exploit the vulnerability to execute arbitrary script code in the browser of a trusted user in the context of the affect...

6.7AI score
Exploits0References1
CNVD
CNVD
added 2015/02/04 12:0 a.m.4 views

Fortinet FortiOS HTML Injection Vulnerability

Fortinet FortiOS is a set of security operating system developed by the U.S. company Fita Fortinet dedicated to the FortiGate platform, which provides users with firewall, antivirus, IPSec/SSL VPN, Web content filtering, anti-spam and other security features. An HTML injection vulnerability exist...

3.5CVSS7.9AI score0.00978EPSS
Exploits1References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Caucho Resin 2.0/2.1 - Multiple HTML Injection and Cross-site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/8852/info It has been reported that Caucho Resin is prone to multiple HTML Injection and cross-site scripting vulnerabilities in various scripts that may allow a remote attacker to cause hostile HTML or script code to be...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

WebCalendar 0.9.x colors.php color XSS

No description provided by source. source: http://www.securityfocus.com/bid/8539/info It has been reported that WebCalendar is prone to multiple cross-site scripting vulnerabilites in various modules. The issues exist in includes/js/colors.php, week.php, day.php, month.php, weekdetails.php,...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

aWebNews 1.2 visview.php _GET['cid'] Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17352/info aWebBB is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Eudora WorldMail 2.0 Search Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8403/info It has been reported that a cross-site scripting issue exists in the search utility of the software. It is possible that an attacker may create a malicious link containing script code that could be executed in a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.36 views

eNdonesia 8.2/8.3 Mod Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8506/info It has been reported that eNdonesia is prone to a cross-site scripting vulnerability that may allow a remote attacker to execute HTML or script code in a victim's browser. The issue reportedly exists in the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Invision Power Board 1.3 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9768/info Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to insufficient sanitization of input supplied via the 'c', 'f', , 'showuser', and 'username' URI parameters...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/11/21 12:0 a.m.14 views

MDaemon WorldClient < 10.0.2 Script Injection

Binary data 4765.prm...

5CVSS7.3AI score0.01182EPSS
Exploits0References2
exploitpack
exploitpack
added 2008/06/20 12:0 a.m.28 views

GL-SH Deaf Forum 6.5.5 - Cross-Site Scripting Arbitrary File Upload

GL-SH Deaf Forum 6.5.5 - Cross-Site Scripting Arbitrary File Upload source: https://www.securityfocus.com/bid/29849/info GL-SH Deaf Forum is prone to a cross-site scripting vulnerability and an arbitrary-file-upload vulnerability because it fails to properly sanitize user-supplied input. An...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2008/04/17 12:0 a.m.13 views

EsContacts 1.0 - search.php?msg Cross-Site Scripting

EsContacts 1.0 - search.php?msg Cross-Site Scripting source: https://www.securityfocus.com/bid/28825/info EsContacts is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attackers may leverage these issues to execute arbitrary script...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2006/11/21 12:0 a.m.12 views

CuteNews 1.4.5 - show_news.php Cross-Site Scripting

CuteNews 1.4.5 - shownews.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21233/info CuteNews is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2006/09/28 12:0 a.m.19 views

SAP Internet Transaction Server 6.106.20 - Cross-Site Scripting

SAP Internet Transaction Server 6.106.20 - Cross-Site Scripting source: https://www.securityfocus.com/bid/20244/info SAP Internet Transaction Server ITS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue would allow...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2006/09/28 12:0 a.m.26 views

SAP Internet Transaction Server 6.10/6.20 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/20244/info SAP Internet Transaction Server ITS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue would allow an attacker to steal cookie-based credentials and to launch oth...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/09/07 12:0 a.m.32 views

AckerTodo 4.0 - index.php Cross-Site Scripting

AckerTodo 4.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/19894/info AckerTodo is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue would allow an attacker to steal cookie-based...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2006/06/26 12:0 a.m.15 views

MyMail 1.0 - login.php Cross-Site Scripting

MyMail 1.0 - login.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18656/info MyMail is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2005/12/13 12:0 a.m.24 views

Mantis Bug Tracker 0.x/1.0 - &#039;View_filters_page.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/15842/info Mantis is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/05/07 12:0 a.m.45 views

Sun Solaris AnswerBook2 - Multiple Cross-Site Scripting Vulnerabilities

Sun Solaris AnswerBook2 is reported prone to multiple cross-site scripting vulnerabilities because the software fails to properly sanitize user-supplied data. Exploits will allow arbitrary HTML and script code to run in a victim's browser, allowing the attacker to steal cookie-based credentials a...

4.3CVSS7AI score0.0172EPSS
Exploits4
Rows per page
Query Builder