105 matches found
Flexense DiskBoss Denial of Service Vulnerability
DiskBoss is a disk space utilization analysis tool that supports features such as file synchronization and data migration. DiskBoss suffers from a denial of service vulnerability that originates from a network system or product that does not properly validate incoming data, and an attacker may be...
CloudBees Jenkins Timestamper plugin cross-site scripting vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . Timestamper Plugin is used in one of the...
Wyse Management Suite Cross-Site Scripting Vulnerability (CNVD-2020-17378)
Wyse Management Suite WMS is a scalable solution for managing and optimizing Wyse endpoints from Dell, USA. The product includes centralized management of Wyse endpoints, asset tracking and automated device discovery. A cross-site scripting vulnerability exists in Wyse Management Suite versions...
Chadha Software Technologies PHPKB Standard Multi-Language Cross-Site Scripting Vulnerability (CNVD-2020-18656)
Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A cross-site scripting vulnerability exists in the way URIs are handled in the admin/header.php file in Chadha Software Technologies...
WordPress Strong Testimonials Cross-Site Scripting Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Strong Testimonials versions prior to 2.40.1. The...
JetBrains TeamCity Cross-Site Scripting Vulnerability (CNVD-2020-04346)
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...
Cisco Email Security Appliance Cross-Site Scripting Vulnerability
Cisco Email Security Appliance ESA is an email security appliance from Cisco in the U.S. AsyncOS Software is the operating system that runs on it. A cross-site scripting vulnerability exists in the Cisco Email Security Appliance 13.0 and prior versions. The vulnerability stems from a lack of prop...
SolarWinds Orion Platform Cross-Site Scripting Vulnerability (CNVD-2020-04012)
SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. A...
TaskCanvas Denial of Service Vulnerability
TaskCanvas is a program that tracks computer usage. TaskCanvas suffers from a denial of service vulnerability that arises from a networked system or product that does not properly validate incoming data, which could be exploited by an attacker to cause a denial of service condition that denies...
serialize-to-js cross-site scripting vulnerability
serialize-to-js is a package that serializes objects to strings. A cross-site scripting vulnerability exists in serialize-to-js NPM versions prior to 3.0.1. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this...
SITOS six Build Cross-Site Scripting Vulnerability
SITOS is a modular e-learning system. The system includes features such as audio playback, video playback, forums, blogs and social media. A cross-site scripting vulnerability exists in the blog feature in SITOS six Build v6.2.1. The vulnerability stems from the WEB application lacking proper...
SAP BusinessObjects Business Intelligence Platform Cross-Site Scripting Vulnerability (CNVD-2019-42431)
SAP BusinessObjects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. The product has report generation, analysis, data visualization and other functions. A cross-site scripting vulnerability exists in SAP Business Objects...
Plataformatec Simple Form Input Validation Error Vulnerability
Plataformatec Simple Form is a form builder from Plataformatec Brazil. An input validation error vulnerability exists in Plataformatec Simple Form. The vulnerability originates from a network system or product that does not properly validate input data. Detailed vulnerability details are not...
JetBrains YouTrack Cross-Site Scripting Vulnerability
JetBrains YouTrack is a browser-based bug tracking and project management software from the Czech company JetBrains. The software features bug tracking, creating workflows and monitoring project progress. A cross-site scripting vulnerability exists in versions prior to JetBrains YouTrack...
Jiangnan Online Judge Cross-Site Scripting Vulnerability (CNVD-2019-36846)
Jiangnan Online Judge is an online evaluation system for computer programming. The system is mainly used for compiling and executing the source code submitted by users and checking the correctness of the program source code. A cross-site scripting vulnerability exists in Jiangnan Online Judge...
WordPress wpDataTables Lite plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. wpDataTables Lite is a chart management plugin used in it. A cross-site scripting vulnerability exists in WordPress wpDataTables Lite...
formcraft3 plugin for WordPress cross-site scripting vulnerability
formcraft3 plugin for WordPress is a drag and drop form builder plugin for use in WordPress. A cross-site scripting vulnerability exists in formcraft3 plugin for WordPress versions prior to 3.4. The vulnerability stems from the WEB application failing to properly validate client-side data. An...
WordPress timesheet plugin cross-site scripting vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress timesheet plugin versions prior to 0.1.5. The...
SugarCRM Enterprise Cross-Site Scripting Vulnerability
SugarCRM Enterprise is an enterprise version of an open source Customer Relationship Management CRM system from SugarCRM USA. The system supports differentiated marketing, management and distribution of sales leads for different customer needs, and information sharing and tracking of sales...
verdaccio cross-site scripting vulnerability
verdaccio is a lightweight private npm registry. A cross-site scripting vulnerability exists in versions prior to verdaccio 3.12.0, which stems from a lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute client-side code...