EUVD-2022-39423

Malicious code in bioql PyPI...

CVE-2022-45012

A cross-site scripting XSS vulnerability in the Modify Page module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Source field...

Cups Easy 跨站脚本漏洞

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. Cups Easy suffers from a cross-site scripting vulnerability that stems from insufficient escaping of the currencyid parameter on the /cupseasylive/currencymodify.php page. An attacker coul...

Cups Easy Cross-Site Scripting Vulnerability

Cups Easy is a PHP-based purchasing and inventory software that may become a full-fledged ERP in the future. A cross-site scripting vulnerability exists in Cups Easy version 1.0, which stems from insufficient escaping of the description parameter on the /cupseasylive/unitofmeasurementmodify.php...

U.S. Department of State: HTML INJECTION on coins.state.gov

An HTML injection vulnerability was found on coins.state.gov, which could have allowed an attacker to modify the page and potentially steal a user's identity. The vulnerability was discovered through the use of the dalfox tool...

WBCE CMS Source Field Cross-Site Scripting Vulnerability

WBCE CMS is an open source content management system CMS based on PHP and MySQL. WBCE CMS v1.5.4 and its previous versions exist cross-site scripting vulnerability, the vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the Source field in the Modify Pa...

CVE-2022-45012

A cross-site scripting XSS vulnerability in the Modify Page module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Source field...

Cross site scripting

A cross-site scripting XSS vulnerability in the Modify Page module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Source field...

CVE-2022-45012

A cross-site scripting XSS vulnerability in the Modify Page module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Source field...

PT-2022-27367 · Wbce Cms · Wbce Cms

Name of the Vulnerable Software and Affected Versions: WBCE CMS version 1.5.4 Description: A cross-site scripting XSS issue in the Modify Page module allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Source field. Recommendations: For WBCE CMS versi...

WBCE CMS 跨站脚本漏洞

WBCE CMS is an open source content management system CMS based on PHP and MySQL. WBCE CMS v1.5.4 and its previous versions exist cross-site scripting vulnerability, the vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the Source field in the Modify Pa...

CVE-2022-45012

A cross-site scripting XSS vulnerability in the Modify Page module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Source field...

CVE-2022-3208

The Simple File List WordPress plugin before 4.4.12 does not implement nonce checks, which could allow attackers to make a logged in admin create new page and change it's content via a CSRF attack...

CVE-2022-36721

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Textbook parameter at /admin/modify.php...

CVE-2022-36721

Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the Textbook parameter at /admin/modify.php...

WBCE CMS Cross-Site Scripting Vulnerability (CNVD-2018-02994)

WBCE CMS is an easy-to-use open source content management system based on PHP/MySQL. A cross-site scripting vulnerability exists in WBCE CMS 1.3.1. A remote authenticated administrator can use the "Modify Page" screen to inject arbitrary web script or HTML...

CVE-2018-6313

Cross-site scripting XSS in WBCE CMS 1.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the Modify Page screen, a different issue than CVE-2017-2118...

Cross site scripting

Cross-site scripting XSS in WBCE CMS 1.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the Modify Page screen, a different issue than CVE-2017-2118...

CVE-2018-6313

Cross-site scripting XSS in WBCE CMS 1.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the Modify Page screen, a different issue than CVE-2017-2118...

CVE-2018-6313

Cross-site scripting XSS in WBCE CMS 1.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the Modify Page screen, a different issue than CVE-2017-2118...