
5912 matches found

CNNVD
added 2024/09/19 12:00 a.m. · 2 views

NetCat CMS security vulnerability

NetCat CMS is a content management system from NetCat, Inc. A security vulnerability previously existed in NetCat CMS version 6.4.0.24248. An attacker could exploit the vulnerability to execute JavaScript code in a user's browser when the user visits a specific path on the site...

6.1 CVSS · 7 AI score · 0.00166 EPSS
Exploits 0 · References 2

Snyk
added 2024/09/18 3:47 p.m. · 2 views

Cross-site Scripting (XSS)

Overview: camaleoncms is a dynamic and advanced content management system based on Ruby on Rails as an alternative to WordPress. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the image upload functionality. An attacker can execute arbitrary JavaScript on behalf o...

5.4 CVSS · 5.8 AI score
Exploits 0 · References 2

NVD
added 2024/09/17 6:15 p.m. · 10 views

CVE-2024-38380

This vulnerability occurs when user-supplied input is improperly sanitized and then reflected back to the user's browser, allowing an attacker to execute arbitrary JavaScript in the context of the victim's browser session...

5.5 CVSS · 0.00119 EPSS
Exploits 0 · References 1

CVE
added 2024/09/17 5:15 p.m. · 43 views

CVE-2024-38380

Confirmed CVE-2024-38380 relates to Millbeck Communications Proroute H685t-w (firmware 3.2.334). Affected component: web UI endpoints (vpn/openconnect_client.lua, vpn/pptp_edit.lua, filebrowser) where user input is improperly sanitized and reflected, enabling: 1) Command injection via vulnerable ...

5.5 CVSS · 6.8 AI score · 0.00119 EPSS
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2024/09/17 12:00 a.m. · 3 views

Millbeck Proroute H685t-w cross-site scripting vulnerability

The Millbeck Proroute H685t-w is a wireless router from Millbeck. A cross-site scripting vulnerability exists in the Millbeck Proroute H685t-w version v3.2.334, which stems from the presence of a cross-site scripting vulnerability that could allow an attacker to execute arbitrary JavaScript in th...

5.5 CVSS · 6.2 AI score · 0.00119 EPSS
Exploits 0 · References 2

CNNVD
added 2024/09/12 12:00 a.m. · 1 views

MindsDB security vulnerability

MindsDB is an emerging low-code machine learning platform from MindsDB, Inc. MindsDB has a security vulnerability that stems from the presence of a cross-site scripting (XSS) vulnerability that allows JavaScript to be executed whenever a user enumerates engines, databases, projects, or datasets tha...

9 CVSS · 5.7 AI score · 0.00158 EPSS
Exploits 1 · References 2

GithubExploit
added 2024/09/04 2:43 p.m. · 578 views

Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox

CVE-2024-4367: Arbitrary JavaScript Execution in PDF.js Ov...

8.8 CVSS · 8 AI score · 0.40321 EPSS
Exploits 14

OSV
added 2024/08/30 11:08 a.m. · 2 views

OESA-2024-2063 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution ...

8.4 CVSS · 8.5 AI score · 0.01405 EPSS
Exploits 0 · References 2

BDU FSTEC
added 2024/08/30 12:00 a.m. · 0 views

The vulnerability in the administration interface of the Zimbra Collaboration Suite email management system allows a hacker to execute arbitrary JavaScript code.

The vulnerability of the administration interface of the Zimbra Collaboration Suite email management system is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code by sending a...

5.5 CVSS · 0.00223 EPSS
Exploits 0 · References 3 · Affected Software 1

Cvelist
added 2024/08/28 8:17 p.m. · 16 views

CVE-2024-45057 Reflected Cross-Site Scripting in i-Educar

i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the dynamic generation of HTML fields prior to the 2.9 branch. The file located at...

6.3 CVSS · 0.00419 EPSS
Exploits 1 · References 2

OSV
added 2024/08/23 9:15 p.m. · 1 views

CVE-2024-37392

A stored Cross-Site Scripting (XSS) vulnerability has been identified in SMSEagle software version 6.0. The vulnerability arises because the application did not properly sanitize user input in the SMS messages in the inbox. This could allow an attacker to inject malicious JavaScript code into an SM...

6.1 CVSS · 5.8 AI score · 0.00166 EPSS
Exploits 0 · References 1

OSV
added 2024/08/23 5:15 p.m. · 0 views

CVE-2024-41878

Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. This vulnerability could allow an attacker to inject and execute arbitrary JavaScript code within the context of the user's browser session. Exploitation of this issue requires...

5.4 CVSS · 6 AI score
Exploits 0 · References 1

Positive Technologies
added 2024/08/23 12:00 a.m. · 2 views

PT-2024-27518 · Smseagle · Smseagle

Name of the Vulnerable Software and Affected Versions: SMSEagle versions prior to 6.0. Description: A stored Cross-Site Scripting (XSS) issue has been identified. The application did not properly sanitize user input in SMS messages in the inbox, allowing an attacker to inject malicious JavaScript co...

6.1 CVSS · 6 AI score · 0.00166 EPSS
Exploits 0 · References 6

BDU FSTEC
added 2024/08/21 12:00 a.m. · 0 views

The vulnerability of the Netcat module in CMS systems allows a hacker to execute arbitrary JavaScript code.

The vulnerability of the Netcat calendar CMS system’s module is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...

9 CVSS · 5.7 AI score
Exploits 0 · References 1 · Affected Software 1

BDU FSTEC
added 2024/08/21 12:00 a.m. · 0 views

The vulnerability of the code parameter in the netshop CMS system’s Netcat module allows a hacker to execute arbitrary JavaScript code.

The vulnerability of the code parameter in the netshop CMS system’s Netcat module exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...

9 CVSS · 5.8 AI score
Exploits 0 · References 1 · Affected Software 1

BDU FSTEC
added 2024/08/21 12:00 a.m. · 0 views

The vulnerability of the “market” parameter in the Netcat netshop CMS system allows a hacker to execute arbitrary JavaScript code.

The vulnerability of the “market” parameter in the netshop CMS system, Netcat CMS, is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...

9 CVSS · 5.7 AI score
Exploits 0 · References 1 · Affected Software 1

BDU FSTEC
added 2024/08/21 12:00 a.m. · 0 views

The vulnerability of the netshop CMS system’s Netcat module allows a hacker to execute arbitrary JavaScript code.

The vulnerability of the netshop CMS system’s Netcat module is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...

9 CVSS · 5.7 AI score
Exploits 0 · References 1 · Affected Software 1

BDU FSTEC
added 2024/08/21 12:00 a.m. · 0 views

The vulnerability of the “file” parameter in the netshop CMS system’s Netcat module allows a hacker to execute arbitrary JavaScript code.

The vulnerability of the “file” parameter in the netshop CMS system’s Netcat module exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute any arbitrary JavaScript code in the user’s browser remotely...

9 CVSS · 5.8 AI score
Exploits 0 · References 1 · Affected Software 1

BDU FSTEC
added 2024/08/21 12:00 a.m. · 0 views

The vulnerability of the stats module in the Netcat CMS system allows a hacker to execute arbitrary JavaScript code.

The vulnerability of the stats module in the Netcat CMS system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...

9 CVSS · 5.8 AI score
Exploits 0 · References 1 · Affected Software 1

BDU FSTEC
added 2024/08/21 12:00 a.m. · 0 views

The vulnerability of the filemanager module in the CMS system Netcat allows a hacker to execute arbitrary JavaScript code.

The vulnerability of the filemanager module in the CMS system Netcat exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...

9 CVSS · 5.8 AI score
Exploits 0 · References 1 · Affected Software 1