9 matches found

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2017-18478

Malware in sbrugna...

5.4 CVSS, 6 AI score, 0.00784 EPSS
Exploits: 0, References: 2
OSV
added 2019/12/04 7:15 p.m., 3 views

CVE-2019-19133

The CSS Hero plugin through 4.0.3 for WordPress is prone to reflected XSS via the URI in a cssheroaction=editpage request because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary JavaScript in the browser of an unsuspecting user in th...

6.1 CVSS, 6.6 AI score, 0.01882 EPSS
Exploits: 2, References: 3
Prion
added 2018/05/04 3:29 p.m., 15 views

Cross site scripting

DISPUTED A stored XSS vulnerability was found in Datenstrom Yellow 0.7.3 via an "Edit page" action. NOTE: the vendor disputes the relevance of this report because an installation accessible to untrusted users is supposed to have parserSafeMode=1 in system/config/config.ini to prevent XSS...

3.5 CVSS, 5.2 AI score, 0.00653 EPSS
Exploits: 1, References: 1, Affected Software: 1
CVE
added 2018/05/04 3:0 p.m., 55 views

CVE-2018-10726

CVE-2018-10726 is a stored XSS vulnerability in Datenstrom Yellow 0.7.3 exploitable via the "Edit page" action. Multiple connected reports reiterate the vendor’s note that installations accessible to untrusted users should have parserSafeMode=1 in system/config/config.ini to prevent XSS. Affected...

5.4 CVSS, 5.2 AI score, 0.00653 EPSS
Exploits: 1, References: 1, Affected Software: 1
Vulnrichment
added 2018/05/04 3:0 p.m., 7 views

CVE-2018-10726

A stored XSS vulnerability was found in Datenstrom Yellow 0.7.3 via an "Edit page" action. NOTE: the vendor disputes the relevance of this report because an installation accessible to untrusted users is supposed to have parserSafeMode=1 in system/config/config.ini to prevent XSS...

5.9 AI score, 0.00653 EPSS
Exploits: 1, References: 1
Positive Technologies
added 2018/05/04 12:0 a.m., 5 views

PT-2018-10068 · Datenstrom · Datenstrom Yellow

Name of the Vulnerable Software and Affected Versions: Datenstrom Yellow version 0.7.3 Description: A stored XSS issue was found via an "Edit page" action. The vendor disputes the relevance of this report, noting that installations accessible to untrusted users should have parserSafeMode=1 in...

5.4 CVSS, 5.4 AI score, 0.00653 EPSS
Exploits: 1, References: 3
NVD
added 2017/06/12 6:29 a.m., 17 views

CVE-2017-9547

admin.php in BigTree through 4.2.18 has a Cross-site Scripting (XSS) vulnerability, which allows remote authenticated users to inject arbitrary web script or HTML by launching an Edit Page action and entering the Navigation Title or Page Title of a page that is scheduled for future publication, aka ...

5.4 CVSS, 5.2 AI score, 0.00784 EPSS
Exploits: 0, References: 1
Prion
added 2017/06/12 6:29 a.m., 11 views

Cross site scripting

admin.php in BigTree through 4.2.18 has a Cross-site Scripting (XSS) vulnerability, which allows remote authenticated users to inject arbitrary web script or HTML by launching an Edit Page action and entering the Navigation Title or Page Title of a page that is scheduled for future publication, aka ...

3.5 CVSS, 5.8 AI score, 0.00784 EPSS
Exploits: 0, References: 1, Affected Software: 1
OSV
added 2017/06/12 6:29 a.m., 15 views

CVE-2017-9547

admin.php in BigTree through 4.2.18 has a Cross-site Scripting (XSS) vulnerability, which allows remote authenticated users to inject arbitrary web script or HTML by launching an Edit Page action and entering the Navigation Title or Page Title of a page that is scheduled for future publication, aka ...

5.4 CVSS, 5.6 AI score
Exploits: 0, References: 1