4 matches found
CVE-2022-30015
In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/allusers.php like Full Username, etc .This causes stored xss...
GHSA-FH63-4R66-JC7V Cross-site scripting (XSS) in Apache Velocity Tools
The default error page for VelocityView in Apache Velocity Tools prior to 3.1 reflects back the vm file that was entered as part of the URL. An attacker can set an XSS payload file as this vm file in the URL which results in this payload being executed. XSS vulnerabilities allow attackers to...
ZyXEL VMG3312-B10B Cross Site Scripting
Exploit Title: ZyXEL VMG3312-B10B - Cross-Site Scripting Date: 2018-08-21 Exploit Author: Samet AAHAdegN Vendor Homepage: https://www.zyxel.com/ Software Link: ftp://ftp.zyxel.com.tr/ZyXELURUNLERI/MODEMLER/VDSLMODEMLER/VMG3312-B10B/ Version: ZyXEL VMG3312-B10B Tested on: Mozilla Firefox 61.0.2 &...
Cross site scripting
mcholste Enterprise Log Search and Archive ELSA version revision 1205, commit 2cc17f1 and earlier contains a Cross Site Scripting XSS vulnerability in index view / that can result in . This attack appear to be exploitable via Payload delivered via the type, name, and value parameters of...