Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:8 p.m.5 views

CVE-2026-2569

The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via PDF page labels in all versions up to, and including, 2.4.20 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS6AI score0.00152EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2026/03/10 12:0 a.m.9 views

Dear Flipbook < 2.4.27 - Authenticated (Auhtor+) Stored Cross-Site Scripting via PDF Page Labels

Description The Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via PDF page labels in all versions up to, and including, 2.4.20 due to insufficient input sanitization and output escaping. This makes it possible fo...

6.4CVSS5.9AI score0.00152EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2023/03/01 11:2 p.m.36 views

Pimcore vulnerable to Cross Site Scripting in Documents Link Editable

Impact An attacker can use XSS to send a malicious script to any user through Document Page Link Editable - Advanced - Attributes Patches Update to version 10.5.18 or apply this patch manually https://github.com/pimcore/pimcore/pull/14500.patch Workarounds Apply...

7.6CVSS5.2AI score0.00553EPSS
Exploits1References6Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.3 views

SUSE CVE-2006-3257

Multiple cross-site scripting XSS vulnerabilities in Claroline 1.7.7 allow remote attackers to inject arbitrary HTML or web script via unspecified attack vectors, possibly including 1 calendar/myagenda.php, 2 document/document.php, 3 phpbb/newtopic.php, 4 tracking/userLog.php, and 5 wiki/page.php...

4.3CVSS6.3AI score0.01348EPSS
Exploits0References3
Prion
Prion
added 2020/03/19 7:15 p.m.19 views

Cross site scripting

The projdoceditpage.php Project Documentation feature in MantisBT before 2.21.3 has a stored cross-site scripting XSS vulnerability, allowing execution of arbitrary code if CSP settings permit it after uploading an attachment with a crafted filename. The code is executed when editing the document...

4.3CVSS6.1AI score0.01141EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2016/11/07 12:0 a.m.1 views

SQL injection vulnerability in hdwiki doc.class.php page

Interactive Wiki open source system HDwiki as China's first independent intellectual property rights of the Chinese Wiki Wiki system. SQL injection vulnerability exists in hdwiki doc.class.php page, allowing attackers to exploit the vulnerability to directly manipulate the website database and...

7.9AI score
Exploits0
Rows per page
Query Builder