Lucene search
+L

54 matches found

WPVulnDB
WPVulnDB
added 2018/01/17 12:0 a.m.22 views

BuddyBoss Media <= 3.2.3 - Stored XSS

The album description does not perform input / output validation. According to the researcher: No reply from vendor. Issue not patched. Vulnerability can be exploited by any user. Form not vulnerable to CSRF. PoC '"...

3.5CVSS1.3AI score0.00723EPSS
Exploits2References1Affected Software1
UbuntuCve
UbuntuCve
added 2018/01/10 3:29 p.m.33 views

CVE-2016-6810

In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation...

6.1CVSS6.6AI score0.06093EPSS
Exploits0References2
OSV
OSV
added 2018/01/10 3:29 p.m.2 views

UBUNTU-CVE-2016-6810

In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation...

6.1CVSS6.6AI score0.06093EPSS
Exploits0References3
OSV
OSV
added 2018/01/10 3:29 p.m.33 views

CVE-2016-6810

In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation...

6.1CVSS6.1AI score0.06093EPSS
Exploits0References5
OSV
OSV
added 2018/01/10 3:29 p.m.1 views

DEBIAN-CVE-2016-6810

In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation...

6.1CVSS6.3AI score0.06093EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/01/10 3:0 p.m.23 views

CVE-2016-6810

In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation...

6AI score0.06093EPSS
Exploits0References5
Veracode
Veracode
added 2016/12/12 7:41 a.m.30 views

Cross-site Scripting (XSS)

Apache ActiveMQ is vulnerable to cross-site scripting. It is caused by improper user data output validation in the web based administration console...

6.1CVSS6.2AI score0.06093EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2006/10/21 12:0 a.m.105 views

[DRUPAL-SA-2006-024] Drupal 4.6.10 / 4.7.4 fixes multiple XSS issues

------------------------------------------------------------------------ ---- Drupal security advisory DRUPAL-SA-2006-024 ------------------------------------------------------------------------ ---- Project: Drupal core Date: 2006-Oct-18 Security risk: Moderately critical Exploitable from: Remot...

Exploits0
Tenable Nessus
Tenable Nessus
added 2006/10/20 12:0 a.m.12 views

FreeBSD : drupal -- multiple XSS vulnerabilities (b2383758-5f15-11db-ae08-0008743bf21a)

The Drupal Team reports : A bug in input validation and lack of output validation allows HTML and script insertion on several pages. Drupal's XML parser passes unescaped data to watchdog under certain circumstances. A malicious user may execute an XSS attack via a specially crafted RSS feed. This...

5.7AI score
Exploits0References3
Drupal
Drupal
added 2006/10/18 12:0 a.m.20 views

DRUPAL-SA-2006-024 - Drupal core - Multiple cross site scripting vulnerabilities

Multiple XSS cross site scripting vulnerabilities have been discovered. A bug in input validation and lack of output validation allows HTML and script insertion on several pages. Drupal's XML parser passes unescaped data to watchdog under certain circumstances. A malicious user may execute an XSS...

6.6AI score
Exploits0References4
FreeBSD
FreeBSD
added 2006/10/18 12:0 a.m.14 views

drupal -- multiple XSS vulnerabilities

The Drupal Team reports: A bug in input validation and lack of output validation allows HTML and script insertion on several pages. Drupal's XML parser passes unescaped data to watchdog under certain circumstances. A malicious user may execute an XSS attack via a specially crafted RSS feed. This...

1.8AI score
Exploits0References2
Drupal
Drupal
added 2006/08/08 12:0 a.m.7 views

Revision to DRUPAL-SA-2006-013 - Recipe

It is possible for a malicious user to insert and execute XSS Cross Site Scripting, due to lack of validation on output from the contributed Recipe module. This may lead to administrator access if certain conditions are met. Learn more about XSS on Wikipedia. This is a revision to...

5.6AI score
Exploits0References5
Drupal
Drupal
added 2006/08/07 12:0 a.m.8 views

DRUPAL-SA-2006-013: Recipe module

It is possible for a malicious user to insert and execute XSS, due to lack of validation on output. Versions affected Please check the CVS $Id$ field in the file recipe.module to determine whether the version you are running is vulnerable. Versions older than the following are vulnerable: // $Id:...

5.4AI score
Exploits0References2
Drupal
Drupal
added 2006/07/09 12:0 a.m.18 views

XSS vulnerability in webform module

It is possible for a malicious user to insert and execute XSS into webform pages, due to lack of validation on output. Versions affected All webform 4.6 and 4.7 versions prior to July 8, 2006. Drupal core is not affected. If you do not use the webform module, there is nothing you need to do...

6.3AI score
Exploits0References3
Rows per page
Query Builder