5968 matches found
CVE-2025-2870
Reflected Cross-Site Scripting XSS vulnerability in version 1.0 of the Clinic Queuing System. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the page parameter in /patientside.php...
CVE-2025-2868
Reflected Cross-Site Scripting XSS vulnerability in version 1.0 of the Clinic Queuing System. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the page parameter in /index.php...
CVE-2025-2870
CVE-2025-2870 is a reflected Cross-Site Scripting (XSS) vulnerability in the Clinic Queuing System v1.0. The issue arises via the page parameter in /patient_side.php, enabling an attacker to induce the victim’s browser to execute injected JavaScript when the link is used. This is documented acros...
CVE-2025-2870 Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System
Reflected Cross-Site Scripting XSS vulnerability in version 1.0 of the Clinic Queuing System. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the page parameter in /patientside.php...
CVE-2025-2870 Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System
Reflected Cross-Site Scripting XSS vulnerability in version 1.0 of the Clinic Queuing System. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the page parameter in /patientside.php...
CVE-2025-2869 Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System
Reflected Cross-Site Scripting XSS vulnerability in version 1.0 of the Clinic Queuing System. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the id parameter in /manageuser.php...
CVE-2025-2869
CVE-2025-2869 is a reflected XSS vulnerability in Clinic Queuing System version 1.0. The issue arises from the id parameter in /manage_user.php, allowing an attacker to inject JavaScript that executes in a victim’s browser when the URL is viewed. Connected sources corroborate a reflective XSS pat...
CVE-2025-2869 Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System
Reflected Cross-Site Scripting XSS vulnerability in version 1.0 of the Clinic Queuing System. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the id parameter in /manageuser.php...
CVE-2025-2868 Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System
Reflected Cross-Site Scripting XSS vulnerability in version 1.0 of the Clinic Queuing System. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the page parameter in /index.php...
CVE-2025-2868 Reflected Cross-Site Scripting (XSS) vulnerability in Clinic Queuing System
Reflected Cross-Site Scripting XSS vulnerability in version 1.0 of the Clinic Queuing System. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the page parameter in /index.php...
CVE-2025-2868
The CVE-2025-2868 entry describes a Reflected XSS in Clinic Queuing System version 1.0. The vulnerability allows an attacker to execute JavaScript in a victim’s browser by supplying a malicious URL to the page parameter in /index.php. Affected software is the Clinic Queuing System (v1.0). The pro...
Cross-site Scripting (XSS)
Overview org.webjars.npm:vega-functions is a Custom functions for the Vega expression language. Affected versions of this package are vulnerable to Cross-site Scripting XSS through the RegExp.prototype@@replace method. An attacker can execute arbitrary JavaScript code by manipulating the input to...
CVE-2025-27793
Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In Vega prior to version 5.32.0, corresponding to vega-functions prior to version 5.17.0, users running Vega/Vega-lite JSON definitions could run unexpected JavaScript code...
CVE-2025-26619
Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In vega 5.30.0 and lower and in vega-functions 5.15.0 and lower , it was possible to call JavaScript functions from the Vega expression language that were not meant to be...
CVE-2025-27793 Vega vulnerable to Cross-site Scripting via RegExp.prototype[@@replace]
Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In Vega prior to version 5.32.0, corresponding to vega-functions prior to version 5.17.0, users running Vega/Vega-lite JSON definitions could run unexpected JavaScript code...
CVE-2025-27793
Vega (visualization grammar) and the related Vega-lite JSON workflow are affected by CVE-2025-27793. In Vega versions prior to 5.32.0 (and vega-functions prior to 5.17.0), processing Vega/Vega-lite JSON could cause execution of unintended JavaScript unless the library is used with the vega-interp...
CVE-2025-31165
Cross-Site Scripting XSS vulnerability in the Logbug module of NightWolf Penetration Testing Platform 1.2.2 allows attackers to execute JavaScript through the markdown editor feature...
CVE-2025-31165 Cross Site Scripting in NightWolf Penetration Platform
Cross-Site Scripting XSS vulnerability in the Logbug module of NightWolf Penetration Testing Platform 1.2.2 allows attackers to execute JavaScript through the markdown editor feature...
CVE-2025-31165
CVE-2025-31165 is an XSS vulnerability in the Logbug module of NightWolf Penetration Testing Platform 1.2.2 , specifically through the markdown editor feature . The description states that attackers can execute JavaScript via this editor. The CVSS metrics included indicate a base score of 6.9 (Me...
CVE-2025-31165 Cross Site Scripting in NightWolf Penetration Platform
Cross-Site Scripting XSS vulnerability in the Logbug module of NightWolf Penetration Testing Platform 1.2.2 allows attackers to execute JavaScript through the markdown editor feature...