CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. A cross-site scripting vulnerability exists in the Drupal plugin lyris. The program fails to filter user-supplied input, allowing an attacker to construct a malicious web...

6.7AI score

Exploits0

OpenVAS•added 2014/08/22 12:0 a.m.•21 views

Lyris ListManager 'EmailAddr' Parameter Cross Site Scripting Vulnerability

Lyris ListManager is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.6AI score0.00256EPSS

Exploits2References3

0day.today•added 2014/08/15 12:0 a.m.•28 views

Lyris ListManagerWeb 8.95a Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Author: 1N3 Website: http://xerosecurity.com Vender Website: http://lyris.com/us-en/products/listmanager Affected Product: Lyris ListManagerWeb Affected Version: 8.95a ABOUT: Lyris ListManager Lyris LM is an on-premises email marketing softwar...

4.3CVSS6.6AI score0.00256EPSS

Exploits2

NVD•added 2014/08/07 11:13 a.m.•21 views

CVE-2014-5188

Cross-site scripting XSS vulnerability in doemailpassword.tml in Lyris ListManager LM 8.95a allows remote attackers to inject arbitrary web script or HTML via the EmailAddr parameter...

4.3CVSS5.6AI score0.00256EPSS

Exploits2References4

Prion•added 2014/08/07 11:13 a.m.•16 views

Cross site scripting

Cross-site scripting XSS vulnerability in doemailpassword.tml in Lyris ListManager LM 8.95a allows remote attackers to inject arbitrary web script or HTML via the EmailAddr parameter...

4.3CVSS6.1AI score0.00256EPSS

Exploits2References4Affected Software1

CVE•added 2014/08/07 10:0 a.m.•43 views

CVE-2014-5188

The CVE-2014-5188 issue affects Lyris ListManager (LM) 8.95a, in the doemailpassword.tml page, where the EmailAddr parameter is unsafely processed, enabling cross-site scripting (XSS). Exploitation is via crafted input submitted to the EmailAddr field (e.g., POST to doemailpassword.tml) which can...

4.3CVSS5.8AI score0.00256EPSS

Exploits2References4Affected Software1

Cvelist•added 2014/08/07 10:0 a.m.•15 views

CVE-2014-5188

Cross-site scripting XSS vulnerability in doemailpassword.tml in Lyris ListManager LM 8.95a allows remote attackers to inject arbitrary web script or HTML via the EmailAddr parameter...

5.6AI score0.00256EPSS

Exploits2References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by