27 matches found
CVE-2017-12882
Stored Cross-site scripting XSS vulnerability in Spring Batch Admin before 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality...
Cross site scripting
Stored Cross-site scripting XSS vulnerability in Spring Batch Admin before 1.3.0 allows remote authenticated users to inject arbitrary JavaScript or HTML via the file upload functionality...
Cross site scripting
Stored Cross-site scripting XSS vulnerability in SAP SuccessFactors before b1705.1234962 allows remote authenticated users to inject arbitrary web script or HTML via the file upload functionality...
Exploiting XXE Vulnerabilities in OXML Documents - Part 1
OXML is a common document format; think docx Microsoft Word Document, pptx Microsoft Powerpoint, xlsx Excel Spreadsheet, etc. An OXML document is a zip file containing XML files and any media files. When the document is rendered, the rendering library unzips the document and then parses the...
Cross site scripting
Cross-site scripting XSS vulnerability in the file-upload functionality in the Web client in IBM Rational ClearQuest 7.1.x before 7.1.2.7 allows remote authenticated users to inject arbitrary web script or HTML via the File Description field...
eXtreme-fusion 4.02 - 'Fusion_Forum_View.php' Local File Inclusion
source: https://www.securityfocus.com/bid/21621/info eXtreme-fusion is prone to a local file-include vulnerability because the application fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. By combining thi...
eXtreme-fusion 4.02 - Fusion_Forum_View.php Local File Inclusion
eXtreme-fusion 4.02 - FusionForumView.php Local File Inclusion source: https://www.securityfocus.com/bid/21621/info eXtreme-fusion is prone to a local file-include vulnerability because the application fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized...