CVE-2023-0968

The Watu Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dn’, 'email', 'points', and 'date' parameters in versions up to, and including, 3.3.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2022-4213

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dn' parameter on the 'chainedquizlist' page in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

PT-2022-26276 · WordPress · Chained Quiz

Name of the Vulnerable Software and Affected Versions: Chained Quiz plugin for WordPress versions up to, and including, 1.3.2.2 Description: The issue is related to Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows unauthenticated attackers to...

Cross site scripting

A Cross-Site Scripting XSS vulnerability exists in LDAP Account Manager LAM Pro 3.6 in the export, addvalueform, and dn parameters to cmd.php...

DEBIAN-CVE-2018-8763

Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=renameform URI...

UBUNTU-CVE-2018-8763

Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=renameform URI...

Design/Logic Flaw

Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=renameform URI...

CVE-2018-8763

Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=renameform URI...

CVE-2006-2016

Multiple cross-site scripting XSS vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 dn parameter in a compareform.php, b copyform.php, c renameform.php, d templateengine.php, and e deleteform.php; 2 scope parameter in f...

CVE-2006-2016

Multiple cross-site scripting XSS vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 dn parameter in a compareform.php, b copyform.php, c renameform.php, d templateengine.php, and e deleteform.php; 2 scope parameter in f...