Lucene search
K

109 matches found

Cvelist
Cvelist
added 2015/01/16 3:0 p.m.32 views

CVE-2015-1058

Multiple cross-site scripting XSS vulnerabilities in AdaptCMS 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 dataCategorytitle parameter to admin/categories/add, 2 dataFieldtitle parameter to admin/fields/ajaxfields/, 3 name property in a basicInfo JSON object to...

5.8AI score0.04266EPSS
Exploits2References9
NVD
NVD
added 2014/12/16 6:59 p.m.21 views

CVE-2014-9371

The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a crafted JSON object...

10CVSS7.5AI score0.19086EPSS
Exploits1References1
Prion
Prion
added 2014/12/16 6:59 p.m.21 views

Code injection

The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a crafted JSON object...

10CVSS8.1AI score0.19086EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2014/12/16 6:0 p.m.28 views

CVE-2014-9371

The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a crafted JSON object...

7.4AI score0.19086EPSS
Exploits1References1
OSV
OSV
added 2014/11/21 12:44 p.m.29 views

MGASA-2014-0462 Updated python-djblets packages fix security vulnerabilities

Cross-site scripting XSS vulnerability in util/templatetags/djbletsjs.py in Djblets before 0.7.30 for Django, as used in Review Board, allows remote attackers to inject arbitrary web script or HTML via a JSON object, as demonstrated by the name field when changing a user name CVE-2014-3994...

4.3CVSS5.2AI score0.02392EPSS
Exploits2References3
Prion
Prion
added 2014/10/21 4:55 p.m.22 views

Sql injection

SQL injection vulnerability in xhr.php in InterWorx Web Control Panel aka InterWorx Hosting Control Panel and InterWorx-CP before 5.0.14 build 577 allows remote authenticated users to execute arbitrary SQL commands via the i parameter in a search action to the 1 NodeWorx , 2 SiteWorx, or 3...

6.5CVSS8.4AI score0.01123EPSS
Exploits6References3Affected Software1
NVD
NVD
added 2014/06/16 6:55 p.m.31 views

CVE-2014-3994

Cross-site scripting XSS vulnerability in util/templatetags/djbletsjs.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django, as used in Review Board, allows remote attackers to inject arbitrary web script or HTML via a JSON object, as demonstrated by the name field when changing a user na...

4.3CVSS5.5AI score0.02392EPSS
Exploits1References8
PyPA
PyPA
added 2014/06/16 6:55 p.m.7 views

PYSEC-2014-78

Cross-site scripting XSS vulnerability in util/templatetags/djbletsjs.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django, as used in Review Board, allows remote attackers to inject arbitrary web script or HTML via a JSON object, as demonstrated by the name field when changing a user na...

4.3CVSS6AI score0.02392EPSS
Exploits1References9Affected Software1
Prion
Prion
added 2014/06/16 6:55 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in util/templatetags/djbletsjs.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django, as used in Review Board, allows remote attackers to inject arbitrary web script or HTML via a JSON object, as demonstrated by the name field when changing a user na...

4.3CVSS6AI score0.02392EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder