4 matches found
CVE-2021-40238
A Cross Site Scriptiong XSS vulnerability exists in the admin panel in Webuzo 2.9.0 via an HTTP request to a non-existent page, which is activated by administrators viewing the "Error Log" page. An attacker can leverage this to achieve Unauthenticated Remote Code Execution via the "Cron Jobs"...
Cross site scripting
Cross-site scripting XSS vulnerability in libahttp/err.c in OkCupid OKWS OK Web Server allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to a non-existent page, which is not properly handled in a 404 error page...
IBM Edge Components Caching Proxy crossite scripting
Crossite scripting on non-existent page...
Non-Existent Page Physical Path Disclosure Vulnerability (HTTP)
The remote web server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2003 Michel Arboi SPDX-FileCopyrightText: Improved / extended code / detection routine since 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright ...