11 matches found
VulnCheck KEV: CVE-2018-17254
The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter...
CVE-2024-26557
Codiad v2.8.4 allows reflected XSS via the components/market/dialog.php type parameter...
CVE-2024-42831
A reflected cross-site scripting XSS vulnerability in Elaine's Realtime CRM Automation v6.18.17 allows attackers to execute arbitrary JavaScript code in the web browser of a user via injecting a crafted payload into the dialog parameter at wrapperdialog.php...
CVE-2024-42831
A reflected cross-site scripting XSS vulnerability in Elaine's Realtime CRM Automation v6.18.17 allows attackers to execute arbitrary JavaScript code in the web browser of a user via injecting a crafted payload into the dialog parameter at wrapperdialog.php...
CVE-2024-42831
A reflected cross-site scripting XSS vulnerability in Elaine's Realtime CRM Automation v6.18.17 allows attackers to execute arbitrary JavaScript code in the web browser of a user via injecting a crafted payload into the dialog parameter at wrapperdialog.php...
PT-2024-30177 · Unknown · Elaine'S Realtime Crm Automation
Name of the Vulnerable Software and Affected Versions: Elaine's Realtime CRM Automation version 6.18.17 Description: A reflected cross-site scripting XSS issue allows attackers to execute arbitrary JavaScript code in a user's web browser by injecting a crafted payload into the dialog parameter at...
Cross site scripting
Various resources in Atlassian Fisheye and Crucible before version 4.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the dialog parameter...
CVE-2017-14588
Various resources in Atlassian Fisheye and Crucible before version 4.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the dialog parameter...
CVE-2017-7626
The "Smart related articles" extension 1.1 for Joomla! has XSS in dialog.php nart,type in GET Method...
DEBIAN-CVE-2016-7103
Cross-site scripting XSS vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function...
CVE-2015-1422
Multiple cross-site scripting XSS vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 horder, 2 jakcatid, 3 jakcontent, 4 jakcss, 5 jakdeletelog, 6 jakemail, 7 jakextfile, 8 jakfile, 9 jakhookshow, 10 jakimg, 11 jakjavascript, 12...