14 matches found
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23558)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23560)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23566)
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
EUVD-2025-32161
Malicious code in bioql PyPI...
CVE-2025-59763 Multiple vulnerabilities in AndSoft's e-TMS
Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...
CVE-2025-59754 Multiple vulnerabilities in AndSoft's e-TMS
Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...
PT-2025-40394
Name of the Vulnerable Software and Affected Versions AndSoft e-TMS version 25.03 Description A cross-site scripting issue exists in AndSoft e-TMS version 25.03. This allows an attacker to execute JavaScript code in a victim’s browser through a malicious URL. The vulnerability is reflected throug...
AndSoft e-TMS 跨站脚本漏洞
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS 跨站脚本漏洞
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...
AndSoft e-TMS 跨站脚本漏洞
AndSoft e-TMS is a logistics management software from AndSoft Spain. A cross-site scripting vulnerability exists in AndSoft e-TMS v25.03, which originates from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the fi...
DEBIAN-CVE-2007-1732
Cross-site scripting XSS vulnerability in an mt import in wp-admin/admin.php in WordPress 2.1.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the demo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
Cross site scripting
Cross-site scripting XSS vulnerability in an mt import in wp-admin/admin.php in WordPress 2.1.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the demo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
CVE-2007-1732
CVE-2007-1732 describes a cross-site scripting (XSS) vulnerability in WordPress 2.1.2 related to an mt import in wp-admin/admin.php, exploitable by remote authenticated administrators through the demo parameter to inject arbitrary script/HTML. The vulnerability’s provenance includes third‑party r...
WordPress <= 2.1.2 - Cross Site Scripting
Because of this vulnerability in an mt import in wp-admin/admin.php, the authenticated administrators can inject arbitrary web script or HTML via the "demo" parameter Solution Update the WordPress to the latest available version at least 2.1.3...