CVE-2018-19193
An issue was discovered in XiaoCms 20141229. There is XSS via the largest input box on the "New news" screen...
PT-2025-53440
Name of the Vulnerable Software and Affected Versions: Gitea versions prior to 1.22.2. Description: Gitea versions before 1.22.2 contain a cross-site scripting (XSS) issue. The search input box, used when creating tags and branches, utilizes v-html instead of v-text, which allows for the execution of...
EUVD-2006-2966
Malware in sbrugna...
EUVD-2006-2965
Malware in sbrugna...
EUVD-2018-20564
Malware in sbrugna...
EUVD-2021-29613
Malicious code in bioql PyPI...
EUVD-2021-32785
Malicious code in bioql PyPI...
Kwayy HTML Sitemap < 4.0 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). 1. Click the 'Settings' button of this plugin. 2...
Sliderby10Web < 1.2.53 - Admin+ Stored XSS
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). PoC 1. Go to "Slider » Sliders" and edit one of...
Google TensorFlow DrawBoundingBoxes Denial of Service Vulnerability
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A denial-of-service vulnerability exists in Google TensorFlow, which stems from the fact that when DrawBoundingBoxes receives input boxes that do not belong to the float dtype, it gives the assertion...
Product Show Room Site Security Vulnerability
Product Show Room Site is a product showroom site by the individual developer Carlo Montero. Version 1.0 of Product Show Room Site is vulnerable to cross-site scripting, which stems from a text box that accepts special string input. No details of the vulnerability are...
Cross site scripting
uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting (XSS) via the input box of the statistical code...
Cross site scripting
A problem was found in ForestBlog: as of 2021-12-29, there is an XSS vulnerability that allows injection through the nickname input box...
CVE-2021-46083
uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting (XSS) via the input box of the statistical code...
CVE-2021-46084
CVE-2021-46084 affects uscat, a forum system based on Javaex + Ssm. The vulnerability is a Cross Site Scripting (XSS) issue via the "close registration information" input box. The connected documents confirm the vulnerability exists but do not provide exploitation details, affected versions, or r...
CVE-2021-46034
ForestBlog is affected by a cross-site scripting (XSS) vulnerability exploitable via the nickname input box. The issue stems from insufficient validation of client-side data, allowing injected JavaScript to execute in the victim’s browser. Public references describe the vulnerability across multi...
Uscat Cross-Site Scripting Vulnerability
Uscat is a forum system developed on Javaex + Ssm. A cross-site scripting vulnerability exists in uscat, which stems from the statistical code input box being susceptible to cross-site scripting (XSS) attacks...
Portainer Cross-Site Scripting Vulnerability
Portainer is a lightweight user management interface for managing Docker environments and Docker hosts. Portainer prior to version 2.9.1 has a cross-site scripting (XSS) vulnerability in the node input box in custom templates...
CVE-2019-8911
An issue was discovered in WTCMS 1.0. It has stored XSS via the third text box for the website statistics code...
DVWA Hands-On Test of the CSRF Vulnerability - Vulnerability Warning - the black bar safety net
CSRF is cross-site request forgery: after a user has logged in to site A, site B, opened in the same client, uses the vulnerability to obtain site A's cookie and other authentication information and forges requests to site A under the user's legitimate identity. This article, in a local environment, carries out the...