Lucene search
K

25 matches found

CVE
CVE
added 2024/04/17 12:0 a.m.60 views

CVE-2024-32345

CMSimple v5.15 is affected by a cross-site scripting (XSS) vulnerability in the Settings menu, specifically via the Configuration parameter under Language. The underlying issue is insufficient filtering/escaping of user-supplied data in that parameter, enabling attackers to inject arbitrary web s...

7.2CVSS5.8AI score0.00456EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/04/17 12:0 a.m.17 views

CVE-2024-32344

A cross-site scripting XSS vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit parameter under the Language section...

5.7AI score0.00528EPSS
Exploits1References1
CVE
CVE
added 2024/04/17 12:0 a.m.54 views

CVE-2024-32344

CMSimple v5.15 is affected by an XSS in the Settings menu, via crafted input in the Language section Edit parameter. The vulnerability arises from insufficient filtering/escaping of user-supplied data in that parameter, enabling arbitrary script/HTML execution. In-the-wild details are not provide...

6.8CVSS5.8AI score0.00528EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/06/08 1:0 a.m.46 views

CVE-2018-9182

Twonky Server before 8.5.1 is affected by a cross‑site scripting (XSS) vulnerability exposed via a modified "language" parameter in the Language section. The issue stems from improper handling of the language parameter, enabling XSS payloads. Impact is consistent with XSS (partial integrity impac...

6.1CVSS5.8AI score0.0138EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/06/08 1:0 a.m.17 views

CVE-2018-9182

Twonky Server before 8.5.1 has XSS via a modified "language" parameter in the Language section...

6AI score0.0138EPSS
Exploits1References1
Rows per page
Query Builder