9 matches found
Cross-site Scripting (XSS)
Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the header and footer fields of modules. An attacker can execute arbitrary scripts in the context of...
BOSSCMS 安全漏洞
Wenzhou Huoyin Information Technology BossCMS is a content management system based on the MySQL architecture of the self-developed PHP framework by Wenzhou Huoyin Information Technology Wenzhou, China. A security vulnerability exists in BOSSCMS v3.10, which is caused by a cross-site scripting XSS...
WBCE CMS 跨站脚本漏洞
WBCE CMS is an open source content management system CMS based on PHP and MySQL. A security vulnerability exists in WBCE CMS v1.5.4, which originates from a cross-site scripting XSS vulnerability in /admin/settings/save.php. An attacker can exploit this vulnerability to execute arbitrary web scri...
CVE-2022-45016
A cross-site scripting XSS vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field...
Cross site scripting
A cross-site scripting XSS vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Results Footer field...
WBCE CMS 跨站脚本漏洞
WBCE CMS is an open source content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in WBCE CMS 1.5.4 and previous versions, which stems from the lack of effective filtering and escaping of user-supplied data in the Footer field of the Search Settings...
PT-2022-27371 · Wbce Cms · Wbce Cms
Name of the Vulnerable Software and Affected Versions: WBCE CMS version 1.5.4 Description: A cross-site scripting XSS issue in the Search Settings module allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field. Recommendations: For WBCE CMS...
CVE-2022-45016
A cross-site scripting XSS vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Footer field...
WBCE CMS 跨站脚本漏洞
WBCE CMS is an open source content management system CMS based on PHP and MySQL. WBCE CMS v1.5.4 and its previous versions exist cross-site scripting vulnerability, the vulnerability stems from the Search Settings module in the Results Footer field of the user-supplied data lack of effective...