358 matches found
CVE-2019-9230
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.253. A cross-site scripting XSS vulnerability in the search function of the management web interface allows remote attackers to inject arbitrary web script o...
Cross site scripting
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.253. A cross-site scripting XSS vulnerability in the search function of the management web interface allows remote attackers to inject arbitrary web script o...
CVE-2018-19414
Multiple cross-site scripting XSS vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the 1 keyword parameter to groups.php; 2 username parameter to login.php; or 3 date parameter to search.php...
CVE-2018-19414
Multiple cross-site scripting XSS vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the 1 keyword parameter to groups.php; 2 username parameter to login.php; or 3 date parameter to search.php...
CVE-2018-19902
No-CMS 1.1.3 is prone to Persistent XSS via the blog/managearticle "keyword" parameter...
CVE-2018-19902
Vulnerability summary (CVE-2018-19902): No-CMS 1.1.3 is susceptible to a Persistent XSS attack via the blog/manage_article page, specifically through the keyword parameter. The available records indicate the issue is a stored/reflected-like XSS path focused on this input vector, but do not provid...
CVE-2018-19902
No-CMS 1.1.3 is prone to Persistent XSS via the blog/managearticle "keyword" parameter...
WUZHI CMS SQL Injection Vulnerability (CNVD-2019-03304)
WUZHI CMS is China's five fingers WUZHI Internet technology company based on PHP and MySQL open source content management system CMS. A SQL injection vulnerability exists in the coreframe/app/coupon/admin/copyfrom.php file in WUZHI CMS version 4.1.0. A remote attacker can exploit this vulnerabili...
S-CMS SQL Injection Vulnerability (NVD-C-2018-125521)
S-CMS is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise to provide solutions to build a station of the product. The search.php in S-CMS 1.5 has a SQL injection vulnerability, which can be exploited by an attacker through the keyword parameter to perform a SQL injecti...
CVE-2018-19331
An issue was discovered in S-CMS v1.5. There is a SQL injection vulnerability in search.php via the keyword parameter...
CVE-2018-19331
An issue was discovered in S-CMS v1.5. There is a SQL injection vulnerability in search.php via the keyword parameter...
S-CMS Cross-Site Scripting Vulnerability
S-CMS is a content management system CMS based on PHP and MySQL. A cross-site scripting vulnerability exists in the search.php file in S-CMS version 1.5, which can be exploited by remote attackers to inject arbitrary Web script or HTML with the help of the 'keyword' parameter...
Cross site scripting
An issue was discovered in S-CMS v1.5. There is an XSS vulnerability in search.php via the keyword parameter...
CVE-2018-19145
An issue was discovered in S-CMS v1.5. There is an XSS vulnerability in search.php via the keyword parameter...
Cross site scripting
DedeCMS 5.7 SP2 allows XSS via the /member/uploadsselect.php f or keyword parameter...
DedeCMS Cross-Site Scripting Vulnerability (CNVD-2019-01728)
DedeCMS is a PHP-based web content management system CMS. A cross-site scripting vulnerability exists in the /member/uploadsselect.php file in DedeCMS version 5.7 SP2, which can be exploited by a remote attacker with the help of the 'f' or 'keyword' parameter to A remote attacker can use the 'f' ...
Cross site scripting
PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=Usergroup&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=...
CVE-2018-16371
PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=Usergroup&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=...
CVE-2018-16372
The issue was discovered in IdeaCMS through 2016-04-30. There is reflected XSS via the index.php?c=content&a=search kw parameter. NOTE: this product is discontinued...
CVE-2018-16371
PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=Usergroup&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=...