5780 matches found
Google Chrome Navigation Input Validation Vulnerability
Google Chrome is a web browser developed by Google, Inc.Navigation is one of the browser navigation modules. An input validation vulnerability exists in Navigation in versions of Google Chrome prior to 71.0.3578.80, which stems from the program's failure to properly handle navigation failures...
iniNet SpiderControl SCADA WebServer Cross-Site Scripting Vulnerability
The iniNet SpiderControl SCADA WebServer is a SCADA system server from iniNet Solutions, Switzerland. A cross-site scripting vulnerability exists in iniNet SpiderControl SCADA WebServer versions prior to 2.03.0001. A remote attacker can exploit this vulnerability by sending a specially crafted UR...
CVE-2018-12305
Cross-site scripting in File Explorer in ASUSTOR ADM version 3.1.1 allows attackers to execute JavaScript by uploading SVG images with embedded JavaScript...
Cross site scripting
Cross-site scripting in the Login page in ASUSTOR ADM version 3.1.1 allows attackers to execute JavaScript via the System Announcement feature...
CVE-2018-12311
Cross-site scripting vulnerability in File Explorer in ASUSTOR ADM version 3.1.1 allows attackers to execute arbitrary JavaScript when a file is moved via a malicious filename...
CVE-2018-12310
CVE-2018-12310 describes a cross-site scripting vulnerability in ASUSTOR ADM (login page, version 3.1.1) where an attacker can inject JavaScript through the System Announcement feature. Affected component: ASUSTOR ADM login flow. Underlying issue: stored/reflected XSS in the login surface (detail...
Cross site scripting
Cross-site scripting in the /DroboAccess/deleteuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to execute JavaScript via the "username" URL parameter...
CVE-2018-14698
CVE-2018-14698 concerns a cross-site scripting flaw in Drobo 5N2 NAS, specifically in the /DroboAccess/delete_user endpoint. The vulnerability allows an attacker to inject JavaScript via the username URL parameter in Drobo 5N2 NAS version 4.0.5-13.28.96115. NVD data lists CVSS v3 base score 6.1 (...
CVE-2018-14697
Cross-site scripting in the /DroboAccess/enableuser endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to execute JavaScript via the username URL parameter...
TerraMaster TOS Cross-Site Scripting Vulnerability (CNVD-2019-00662)
TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A cross-site scripting vulnerability exists in the ajaxdata.php endpoint in...
TerraMaster TOS Cross-Site Scripting Vulnerability (CNVD-2019-00666)
TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A cross-site scripting vulnerability exists in Control Panel in TerraMaster TOS...
TerraMaster TOS Cross-Site Scripting Vulnerability (CNVD-2018-26665)
TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A cross-site scripting vulnerability exists in Control Panel in TerraMaster TOS...
CVE-2018-13335
Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing shared folders via their descriptions...
CVE-2018-13357
Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing Shared Folders via JavaScript in Shared Folders' names...
Cross site scripting
Cross-site scripting in File Manager in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript in the permissions window by placing JavaScript in users' usernames...
CVE-2018-13359
Cross-site scripting in usertable.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "modgroup" parameter...
CVE-2018-13351
Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the edit password form...
CVE-2018-13335
Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing shared folders via their descriptions...
CVE-2018-13334
TerraMaster TOS
CVE-2018-13331
Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing users by placing JavaScript in their usernames...