Hotel Druid 3.0.2 - Cross-Site Scripting

Hotel Druid 3.0.2 contains a cross-site scripting vulnerability in multiple pages which allows for arbitrary execution of JavaScript commands. id: CVE-2021-37833 info: name: Hotel Druid 3.0.2 - Cross-Site Scripting author: pikpikcu,s4e-io severity: medium description: Hotel Druid 3.0.2 contains a...

EUVD-2018-0259

Malware in sbrugna...

EUVD-2001-0728

Malware in sbrugna...

EUVD-2021-29625

Malicious code in bioql PyPI...

Cross Site Scripting

typo3/cms is vulnerable to Cross Site Scripting. The vulnerability is caused due to a missing sanitization while rendering web page on the browser. This can lead to an authorized editors insert javascript commands by using the url scheme javascript:...

Security Vulnerabilities fixed in Firefox for iOS 129 — Mozilla

Long pressing on a download link could potentially provide a means for cross-site scripting The contextual menu for links could provide an opportunity for cross-site scripting attacks When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to...

GHSA-75MX-CHCF-2Q32 Duplicate Advisory: TYPO3 Cross-Site Scripting vulnerability in typolinks

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-j5v7-9xr5-m7gx. This link is maintained to preserve external references. Original Description All link fields within the TYPO3 installation are vulnerable to Cross-Site Scripting as authorized editors can insert...

Duplicate Advisory: TYPO3 Cross-Site Scripting vulnerability in typolinks

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-j5v7-9xr5-m7gx. This link is maintained to preserve external references. Original Description All link fields within the TYPO3 installation are vulnerable to Cross-Site Scripting as authorized editors can insert...

Tramyardg Autoexpress 1.3.0 Cross Site Scripting

Exploit Title: tramyardg autoexpress - Stored Cross-Site Scripting XSS Google Dork: N/A Date: 11/28/2023 Exploit Author: Scott White Vendor Homepage: https://github.com/tramyardg/autoexpress Version: v1.3.0 Tested on: Ubuntu 22.04.3 LTS + Apache/2.4.52 CVE : CVE-2023-48903 References:...

Beekeeper Studio vulnerable to code injection

Overview Beekeeper Studio provided by Beekeeper Studio, Inc. contains a code injection vulnerability CWE-74. Eiji Mori of Flatt Security Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A remote...

Cross site scripting

A stored Cross-Site Scripting XSS vulnerability exists in version 1.0 of the Expense Management System application that allows for arbitrary execution of JavaScript commands through index.php...

Cross site scripting

A stored cross-site scripting XSS vulnerability exists in FlatPress 1.2.1 that allows for arbitrary execution of JavaScript commands through blog content...

Cross site scripting

A Stored Cross Site Scripting XSS vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the Holiday reason parameter. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to...

CVE-2021-38822

A Stored Cross Site Scripting vulnerability via Malicious File Upload exists in multiple pages of IceHrm 30.0.0.OS that allows for arbitrary execution of JavaScript commands...

CVE-2021-38822

A Stored Cross Site Scripting vulnerability via Malicious File Upload exists in multiple pages of IceHrm 30.0.0.OS that allows for arbitrary execution of JavaScript commands...

Cross site scripting

A Stored Cross Site Scripting vulnerability via Malicious File Upload exists in multiple pages of IceHrm 30.0.0.OS that allows for arbitrary execution of JavaScript commands...

CVE-2021-38822

A Stored Cross Site Scripting vulnerability via Malicious File Upload exists in multiple pages of IceHrm 30.0.0.OS that allows for arbitrary execution of JavaScript commands...

CVE-2021-37833

A reflected cross-site scripting XSS vulnerability exists in multiple pages in version 3.0.2 of the Hotel Druid application that allows for arbitrary execution of JavaScript commands...

CVE-2021-37833

A reflected cross-site scripting XSS vulnerability exists in multiple pages in version 3.0.2 of the Hotel Druid application that allows for arbitrary execution of JavaScript commands...

Cross site scripting

A reflected cross-site scripting XSS vulnerability exists in multiple pages in version 3.0.2 of the Hotel Druid application that allows for arbitrary execution of JavaScript commands...