CVE-2024-12756

An HTML Injection vulnerability in Avaya Spaces may have allowed disclosure of sensitive information or modification of the page content seen by the user...

CVE-2024-12756 Avaya Spaces HTML injection (HTMLi) Vulnerability

An HTML Injection vulnerability in Avaya Spaces may have allowed disclosure of sensitive information or modification of the page content seen by the user...

CVE-2024-12756

CVE-2024-12756 concerns an HTML Injection vulnerability in Avaya Spaces. The available sources indicate that the affected product is Avaya Spaces and the issue enables possible disclosure of sensitive information or modification of page content viewed by users. The reports describe the vulnerabil...

CVE-2024-6160 SQL Injection in MegaBIP

SQL Injection vulnerability in MegaBIP software allows attacker to disclose the contents of the database, obtain session cookies or modify the content of pages. This issue affects MegaBIP software versions through 5.12.1...

CVE-2019-19286

A vulnerability has been identified in XHQ All Versions 6.1. The web interface could allow SQL injection attacks if an attacker is able to modify content of particular web pages...

CVE-2019-19284

A vulnerability has been identified in XHQ All Versions 6.1. The web interface could allow Cross-Site Scripting XSS attacks if an attacker is able to modify content of particular web pages, causing the application to behave in unexpected ways for legitimate users...

CVE-2019-8404

An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary File Upload via a crafted product image during the creation of a new product. Consequently, an attacker can steal information from the site with the help of an installed executable file, or change the...

CVE-2019-8404

An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary File Upload via a crafted product image during the creation of a new product. Consequently, an attacker can steal information from the site with the help of an installed executable file, or change the...

phAlbum PHP Gallery Script Cross Site Scripting

Exploit Title: phAlbum php Gallery Script Reflected XSS Vulnerability Date: 2012 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr Issue: Reflected XSS Risk level: High Malicious users may inject JavaScript, VBScript, ActiveX, HTML or...

CMS Wizard Cross Site Scripting

================================================================= -=CMS wizard Cross Site Scripting ================================================================= Author: XaDaL Date: 14-02-2012 vendor: http://www.cmswizard.co.uk/ tested on: windows mobile dork : powered by CMS wizard This...

Avant Browser Address Bar Spoofing Vulnerability

This host is installed with Avant Browser and is prone to Address Bar Spoofing vulnerability. OpenVAS Vulnerability Test $Id: gbavantbrowseraddrbarspoofingvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ Avant Browser Address Bar Spoofing Vulnerability Authors: Sharath S Copyright: Copyright c 2009...