15 matches found
CVE-2023-44012
Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component...
CVE-2023-44012
Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component...
CVE-2023-44012
Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component...
CVE-2023-44012
Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component...
CVE-2023-44012
Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component...
PT-2023-29067 · Unknown · Mojoportal
Name of the Vulnerable Software and Affected Versions: mojoPortal version 2.7.0.0 Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the helpkey parameter in the "Help.aspx" component. This enables the attacker to inject malicious scripts into the...
mojoPortal Cross-Site Scripting Vulnerability
mojoPortal is the United States Joe Audette individual developer of a set of open source , object-oriented Web site architecture WSF and content management system CMS. The system provides event calendars, photo albums, file managers and more. A cross-site scripting vulnerability exists in...
CVE-2023-44012
Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component...
mojoPortal Cross-Site Scripting Vulnerability
mojoPortal is an American programmer Joe Audette developed a set of open source , object-oriented Web site architecture WSF and content management system CMS, it provides event calendar , photo albums , file manager and so on. A cross-site scripting vulnerability exists in the Help.aspx file in...
CVE-2017-1000457
Cross-site scripting XSS vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter. Exploitation requires authenticated reflected cross-site scripting for user accounts assigned either the "Administrators" or...
CVE-2017-1000457
Cross-site scripting XSS vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter. Exploitation requires authenticated reflected cross-site scripting for user accounts assigned either the "Administrators" or...
CVE-2017-1000457
CVE-2017-1000457 describes a cross-site scripting (XSS) vulnerability in mojoPortal 2.5.0.0, exploitable via the Help.aspx page using the helpkey parameter. Exploitation requires an authenticated attacker with either the Administrators or Content Administrators role to perform a reflected XSS aga...
Microsoft SharePoint Services Help.aspx 'cid0' Parameter XSS
The version of Microsoft SharePoint Services running on the remote host has a cross-site scripting vulnerability. Input sent to the 'cid0' parameter of '/layouts/help.aspx' is not properly sanitized. A remote attacker could exploit this by tricking a user into making a malicious request, resultin...
VulnCheck KEV: CVE-2010-0817
Cross-site scripting XSS vulnerability in layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via the cid0 parameter...
Microsoft SharePoint Server crossite scripting
Crossite scripting in help.aspx...