11 matches found
VulnCheck KEV: CVE-2018-17254
The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter...
CVE-2024-26557
Codiad v2.8.4 allows reflected XSS via the components/market/dialog.php type parameter...
CVE-2024-42831
A reflected cross-site scripting XSS vulnerability in Elaine's Realtime CRM Automation v6.18.17 allows attackers to execute arbitrary JavaScript code in the web browser of a user via injecting a crafted payload into the dialog parameter at wrapperdialog.php...
CVE-2024-42831
A reflected cross-site scripting XSS vulnerability in Elaine's Realtime CRM Automation v6.18.17 allows attackers to execute arbitrary JavaScript code in the web browser of a user via injecting a crafted payload into the dialog parameter at wrapperdialog.php...
CVE-2024-42831
A reflected cross-site scripting XSS vulnerability in Elaine's Realtime CRM Automation v6.18.17 allows attackers to execute arbitrary JavaScript code in the web browser of a user via injecting a crafted payload into the dialog parameter at wrapperdialog.php...
PT-2024-30177 · Unknown · Elaine'S Realtime Crm Automation
Name of the Vulnerable Software and Affected Versions: Elaine's Realtime CRM Automation version 6.18.17 Description: A reflected cross-site scripting XSS issue allows attackers to execute arbitrary JavaScript code in a user's web browser by injecting a crafted payload into the dialog parameter at...
CVE-2017-14588
Various resources in Atlassian Fisheye and Crucible before version 4.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the dialog parameter...
Cross site scripting
Various resources in Atlassian Fisheye and Crucible before version 4.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the dialog parameter...
CVE-2017-7626
The "Smart related articles" extension 1.1 for Joomla! has XSS in dialog.php nart,type in GET Method...
DEBIAN-CVE-2016-7103
Cross-site scripting XSS vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function...
CVE-2015-1422
Multiple cross-site scripting XSS vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 horder, 2 jakcatid, 3 jakcontent, 4 jakcss, 5 jakdeletelog, 6 jakemail, 7 jakextfile, 8 jakfile, 9 jakhookshow, 10 jakimg, 11 jakjavascript, 12...