Lucene search
K

4739 matches found

CNVD
CNVD
added 2021/12/28 12:0 a.m.14 views

WordPress Paid Memberships Pro plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.The Paid Memberships Pro plugin has a cross-site scripting vulnerability in versions prior to 2.6.6, which stems...

6.1CVSS2.2AI score0.01868EPSS
Exploits2References1
CNVD
CNVD
added 2021/12/28 12:0 a.m.19 views

WordPress Buttonizer-Smart Floating Action Button plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. buttonizer-Smart Floating Action Button plugin has a cross-site scripting vulnerability in versions prior to 2.5.5,...

6.1CVSS2AI score0.01868EPSS
Exploits4References1
NVD
NVD
added 2021/12/20 12:15 p.m.26 views

CVE-2021-44916

Opmantek Open-AudIT Community 4.2.0 Fixed in 4.3.0 is affected by a Cross Site Scripting XSS vulnerability. If a bad value is passed to the routine via a URL, malicious JavaScript code can be executed in the victim's browser...

6.1CVSS0.03709EPSS
Exploits4References4
OSV
OSV
added 2021/12/20 12:15 p.m.19 views

CVE-2021-44916

Opmantek Open-AudIT Community 4.2.0 Fixed in 4.3.0 is affected by a Cross Site Scripting XSS vulnerability. If a bad value is passed to the routine via a URL, malicious JavaScript code can be executed in the victim's browser...

6.1CVSS6AI score
Exploits0References4
Prion
Prion
added 2021/12/20 12:15 p.m.16 views

Cross site scripting

Opmantek Open-AudIT Community 4.2.0 Fixed in 4.3.0 is affected by a Cross Site Scripting XSS vulnerability. If a bad value is passed to the routine via a URL, malicious JavaScript code can be executed in the victim's browser...

4.3CVSS5.9AI score0.03709EPSS
Exploits4References4Affected Software1
Huntr
Huntr
added 2021/12/20 3:13 a.m.12 views

Cross-site Scripting (XSS) - Stored in friends-of-forkcms/fork-cms-module-commerce

Description In the admin section in Commerce - Shop settings - Stock statuses - Edit stock statuses one can add XSS payloads. After adding XSS payloads when a user is visiting Commerce - Shop settings - Stock statuses the JavaScript code will be run. Proof of Concept Go to Commerce - Shop setting...

0.8AI score
Exploits0
CNVD
CNVD
added 2021/12/19 12:0 a.m.14 views

Delta Electronics DIAEnergie descr parameter cross-site scripting vulnerability

Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency.A cross-site...

6.5CVSS2AI score0.10562EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.15 views

WordPress WooCommerce myghpay Payment Gateway plugin cross-site scripting vulnerability

The WooCommerce myghpay Payment Gateway plugin is a WordPress open source application plugin. cross-site scripting vulnerability exists in the WordPress WooCommerce myghpay Payment Gateway plugin, which stems from /processresponse. php's clientref parameter lacks a data validation filter for...

6.1CVSS1.5AI score0.00757EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.12 views

WordPress .htaccess Redirect plugin cross-site scripting vulnerability

WordPress is a set of blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. The .htaccess Redirect plugin is a WordPress open source application plugin. The WordPress .htaccess Redirect...

6.1CVSS1.1AI score0.00757EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.19 views

UiPath App Studio Cross-Site Scripting Vulnerability

UiPath App Studio is a low-code application development platform from UiPath, Inc. A cross-site scripting vulnerability exists in version 21.4.4 of UiPath App Studio, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability...

5.4CVSS2.7AI score0.00455EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.19 views

Yetiforcecrm Cross-Site Scripting Vulnerability

YetiForceCrm is an open source Crm system from the Polish company YetiForce. Yetiforcecrm suffers from a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability to execute JavaScript code ...

6.6CVSS3.3AI score0.00456EPSS
Exploits1References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.21 views

Delta Electronics DIAEnergie name parameter cross-site scripting vulnerability

Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency.A cross-site...

7.5CVSS2.1AI score0.00657EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.20 views

SourceCodester Vehicle Service Management System Cross-Site Scripting Vulnerability

Sourcecodester Vehicle Service Management System is an open source PHP project. Sourcecodester Vehicle Service Management System is a cross-site scripting vulnerability that could be exploited by an attacker through a lack of data validation filtering of user-supplied and output data in...

4.8CVSS2.4AI score0.006EPSS
Exploits1References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.15 views

crocoblock JetEngine Cross-Site Scripting Vulnerability (CNVD-2022-05012)

crocoblock JetEngine is a dynamic content plugin that allows you to build complex websites quickly and cost-effectively. crocoblock JetEngine prior to version 2.9.1 is vulnerable to a cross-site scripting vulnerability that stems from a lack of data validation filtering of user-supplied data and...

5.4CVSS2.4AI score0.00455EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.12 views

Bus Pass Management System Cross-Site Scripting Vulnerability

Bus Pass Management System is a bus pass management system. v1.0 of Bus Pass Management System is vulnerable to a cross-site scripting vulnerability that stems from the lack of data validation filtering of user-supplied data and output in the parameters pagedes and About Us. An attacker could...

5.4CVSS2.4AI score0.00544EPSS
Exploits1References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.27 views

Motorola Solutions Avigilon Cross-Site Scripting Vulnerability

Motorola Solutions Avigilon is a series of security cameras from Motorola Solutions, U.S. A cross-site scripting vulnerability exists in Motorola Solutions Avigilon, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability...

4.8CVSS3AI score0.00452EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.15 views

WordPress WooCommerce EnvioPack plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.WooCommerce EnvioPack plugin is a WordPress open source application plugin.The WordPress WooCommerce EnvioPack plugin h...

6.1CVSS1.1AI score0.00757EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.26 views

Genesys Workforce Management Cross-Site Scripting Vulnerability

Genesys Workforce Management is a workforce management system from Genesys, Inc. A cross-site scripting vulnerability exists in Genesys Workforce Management version 8.5.214.20, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the...

6.1CVSS2.9AI score0.00752EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.21 views

Delta Electronics DIAEnergie HandlerEnergyType Parameter Name Cross-Site Scripting Vulnerability

Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency.A cross-site...

7.5CVSS1.5AI score0.09492EPSS
Exploits0References1
CNVD
CNVD
added 2021/12/19 12:0 a.m.14 views

WordPress link-list-manager plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. link-list-manager plugin is a WordPress open source application plugin. WordPress link-list-manager plugin has a...

6.1CVSS2.2AI score0.00757EPSS
Exploits0References1
Rows per page
Query Builder