8134 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an application that was built with this product...
CVE-2016-0370
IBM Forms Experience Builder 8.5, 8.5.1 and 8.6 are affected by a cross-site scripting (XSS) vulnerability that can be triggered by crafted input in applications built with the product. The root cause is input not being adequately filtered, allowing an attacker with administrator access to cause ...
CVE-2016-0370
Cross-site scripting XSS vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8.6.3 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an application that was built with this product...
IBM Forms Experience Builder Cross-Site Scripting Vulnerability
IBM Forms Experience Builder is a set of U.S. IBM's Web forms for creating Web site applications. A cross-site scripting vulnerability exists in versions 8.5, 8.5.1, and 8.6 of IBM Forms Experience Builder that stems from the program not adequately filtering user-submitted input. When a user...
WordPress Ninja Forms Plugin SQL Injection
An SQL injection vulnerability exists in the WordPress Ninja Forms Plugin. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...
Ninja Forms <= 2.9.55.1 - Authenticated SQL Injection
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by an Authenticated SQL Injection security vulnerability...
WordPress Ninja Forms Plugin <= 2.9.55.1 - Authenticated SQL Injection
There is a bug in this plugin. It could leak the site’s usernames and hashed passwords. Solution Update the plugin...
IBM Forms Experience Builder Cross-Site Request Forgery Vulnerability
IBM Forms Experience Builder is a suite of applications for creating Web forms for Web sites. A cross-site request forgery vulnerability exists in IBM Forms Experience Builder that allows a remote attacker to construct a malicious URI, trick a user into parsing it, and perform malicious actions i...
Foxit Reader < 7.2 Multiple RCE
Binary data 9458.prm...
WordPress plugin Vospari Forms <= 1.3 - Reflected Cross-Site Scripting (XSS) vulnerability
WordPress plugin Vospari Forms version 1.3 vulnerable to Reflected Cross-Site Scripting XSS. Altering the URL would allow for the XSS to be executed for further exploitation. Solution Update plugin to the latest version at least version 1.4...
WordPress Ninja Forms Plugin Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports in PHP and MySQL servers to set up a personal blog site . Ninja Forms is one of the form plug-ins . A cross-site scripting vulnerability exists in version 2.9.51 of t...
Ninja Forms <= 2.9.51 - Multiple Authenticated Cross-Site Scripting (XSS)
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by a Multiple Authenticated Cross-Site Scripting XSS security vulnerability...
WordPress Ninja Forms 2.9.51 Cross Site Scripting
------------------------------------------------------------------------ Multiple Cross-Site Scripting vulnerabilities in Ninja Forms WordPress Plugin ------------------------------------------------------------------------ Han Sahin, July 2016...
WordPress Ninja Forms Plugin <= 2.9.51 - Multiple Cross Site Scripting
Because of this vulnerability, attackers can inject malicious JavaScript code into the application. Solution Update this plugin...
Google Forms <= 0.84 - Cross-Site Scripting (XSS)
The Google Forms WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...
WordPress Google Forms Plugin <= 0.84 - Cross Site Scripting (XSS)
Because of this vulnerability, attackers can steal Administrators' session tokens or perform arbitrary actions on their behalf. Solution Update the plugin...
Joomla Forms 1.3.1 SQL Injection
No description provided by source...
WordPress Google Forms 0.84 Cross Site Scripting
------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Google Forms WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...
DEBIAN-CVE-2016-4428
Cross-site scripting XSS vulnerability in OpenStack Dashboard Horizon 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form...
IBM Forms Server Cross-Site Scripting Vulnerability
IBM Forms Server is the United States IBM's set of scalable document-based form application of electronic form automation software. A cross-site scripting vulnerability exists in IBM Forms Server that stems from the program's failure to adequately filter user-submitted input. An attacker could...