5004 matches found
Cross-site Scripting (XSS) - Generic in forkcms/forkcms
✍️ Description A cross-site scripting XSS issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the "enddate" Parameter 🕵️♂️ Proof of Concept XSS payload: '"%26%25alert1 Steps to reproduce issue 1- Login to Fork admin panel 2- Goto Modules=Formbuilder 3- Turn on Burp...
CVE-2021-27529
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "limit" parameter...
CVE-2021-27529
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "limit" parameter...
CVE-2021-27528
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "refID" parameter...
CVE-2021-27528
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "refID" parameter...
CVE-2021-27531
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "query" parameter...
CVE-2021-27527
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "valueID" parameter...
CVE-2021-27530
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allow remote attacker to inject javascript via URI in /index.php...
CVE-2021-27530
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allow remote attacker to inject javascript via URI in /index.php...
Cross site scripting
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "valueID" parameter...
Cross site scripting
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "page" parameter...
Cross site scripting
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "query" parameter...
Cross site scripting
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "limit" parameter...
Cross site scripting
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allow remote attacker to inject javascript via URI in /index.php...
Cross site scripting
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "refID" parameter...
CVE-2021-27526
DynPG 4.9.2 is affected by CVE-2021-27526, a cross-site scripting (XSS) vulnerability that allows remote attackers to inject JavaScript through the "page" parameter. The connected sources confirm the affected product/version and the vulnerability type, but do not provide exploitation details or a...
CVE-2021-27526
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "page" parameter...
CVE-2021-27527
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "valueID" parameter...
CVE-2021-27530
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allow remote attacker to inject javascript via URI in /index.php...
CVE-2021-27531
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "query" parameter...