Lucene search
K

30 matches found

osv
osv
added 2022/05/24 10:0 p.m.1 views

GHSA-HG6G-JJ7G-X6V2 Improper Neutralization of Input During Web Page Generation in Jenkins

In Jenkins 2.196 and earlier, LTS 2.176.3 and earlier, the f:expandableTextBox form control interpreted its content as HTML when expanded, resulting in a stored XSS vulnerability exploitable by users with permission to define its contents typically Job/Configure...

5.4CVSS5.9AI score0.01033EPSS
Exploits0References4
cnvd
cnvd
added 2020/07/26 12:0 a.m.2 views

BEESCMS suffers from SQL injection vulnerability (CNVD-2020-48932)

BEESCMS adopts PHP+MYSQL, featuring multi-language system and easy expansion of content modules. BEESCMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

7.9AI score
Exploits0
redhat
redhat
added 2020/01/23 4:30 a.m.8 views

jenkins: Stored XSS vulnerability in expandable textbox form control

In Jenkins 2.196 and earlier, LTS 2.176.3 and earlier, the f:expandableTextBox form control interpreted its content as HTML when expanded, resulting in a stored XSS vulnerability exploitable by users with permission to define its contents typically Job/Configure...

5.4CVSS6AI score0.01033EPSS
Exploits0References4
redhat
redhat
added 2020/01/14 5:32 a.m.5 views

jenkins: Stored XSS vulnerability in expandable textbox form control

In Jenkins 2.196 and earlier, LTS 2.176.3 and earlier, the f:expandableTextBox form control interpreted its content as HTML when expanded, resulting in a stored XSS vulnerability exploitable by users with permission to define its contents typically Job/Configure...

5.4CVSS6AI score0.01033EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2019/09/25 12:0 a.m.3 views

PT-2019-11795 · Cloudbees +1 · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.196 and earlier, LTS versions 2.176.3 and earlier Description: The issue concerns a stored XSS vulnerability. It occurs because the f:expandableTextBox form control interprets its content as HTML when expanded. This can be...

5.4CVSS5AI score0.01033EPSS
Exploits0References7
nessus
nessus
added 2019/05/08 12:0 a.m.10 views

Toshiba VFS15S-2015PL-W1 ASD Drive Detection

Binary data 757973.prm...

7.3AI score
Exploits0
nessus
nessus
added 2019/05/08 12:0 a.m.23 views

Rockwell Automation 1799ER Expandable 24V DC In/Out Source/Sink 1799ER-IQ10XOQ10 General Purpose Discrete I/O

Binary data 752687.prm...

7.3AI score
Exploits0
nvd
nvd
added 2006/09/13 10:7 p.m.9 views

CVE-2006-4752

Laurentiu Matei eXpandable Home Page XHP CMS 0.5.1 allows remote attackers to obtain the installation path via a query to the engine module, probably with an invalid action parameter...

5CVSS6.6AI score0.01631EPSS
Exploits1References6
nvd
nvd
added 2006/09/13 10:7 p.m.15 views

CVE-2006-4751

Cross-site scripting XSS vulnerability in index.php in Laurentiu Matei eXpandable Home Page XHP CMS 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the errcode parameter...

6.8CVSS5.7AI score0.02155EPSS
Exploits1References7
prion
prion
added 2006/03/23 11:6 p.m.21 views

Design/Logic Flaw

Laurentiu Matei eXpandable Home Page XHP CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using 1 manager.php, 2 standalonemanager.php, and 3 images.php...

9CVSS7.6AI score0.09395EPSS
Exploits1References9Affected Software1
Rows per page
Query Builder