Lucene search
K

533 matches found

Vulnrichment
Vulnrichment
added 2022/06/12 7:40 a.m.6 views

CVE-2018-25039 Thomson TCW710 RgUrlBlock.asp Persistent cross site scriting

A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been declared as problematic. This vulnerability affects unknown code of the file /goform/RgUrlBlock.asp. The manipulation of the argument BasicParentalNewKeyword with the input alert1 as part of POST Request leads to cross site...

3.5CVSS5.7AI score0.00509EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/06/10 9:30 a.m.10 views

CVE-2017-20036 PHPList Bounce Rule Persistent cross site scriting

A vulnerability, which was classified as problematic, was found in PHPList 3.2.6. Affected is an unknown function of the file /lists/admin/ of the component Bounce Rule. The manipulation leads to cross site scripting Persistent. It is possible to launch the attack remotely. Upgrading to version...

3.5CVSS5.6AI score0.00569EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/06/10 9:30 a.m.7 views

CVE-2017-20035 PHPList Subscribe Persistent cross site scriting

A vulnerability, which was classified as problematic, has been found in PHPList 3.2.6. This issue affects some unknown processing of the file /lists/admin/ of the component Subscribe. The manipulation leads to cross site scripting Persistent. The attack may be initiated remotely. Upgrading to...

3.5CVSS5.6AI score0.00569EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/06/10 9:30 a.m.5 views

CVE-2017-20034 PHPList List Name Persistent cross site scriting

A vulnerability classified as problematic was found in PHPList 3.2.6. This vulnerability affects unknown code of the file /lists/admin/ of the component List Name. The manipulation leads to cross site scripting Persistent. The attack can be initiated remotely. Upgrading to version 3.3.1 is able t...

3.5CVSS5.6AI score0.00569EPSS
Exploits1References2
NVD
NVD
added 2022/05/25 4:15 p.m.23 views

CVE-2022-29408

Persistent Cross-Site Scripting XSS vulnerability in Vsourz Digital's Advanced Contact form 7 DB plugin = 1.8.7 at WordPress...

6.1CVSS0.00655EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/05/17 7:51 p.m.7 views

CVE-2022-29436 WordPress Code Snippets Extended plugin <= 1.4.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Persistent Cross-Site Scripting (XSS)

Persistent Cross-Site Scripting XSS vulnerability in Alexander Stokmann's Code Snippets Extended plugin = 1.4.7 on WordPress via Cross-Site Request Forgery vulnerable parameters &title, &snippetcode...

4.7CVSS5.3AI score0.00366EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/05/17 7:51 p.m.24 views

CVE-2022-29436 WordPress Code Snippets Extended plugin <= 1.4.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Persistent Cross-Site Scripting (XSS)

Persistent Cross-Site Scripting XSS vulnerability in Alexander Stokmann's Code Snippets Extended plugin = 1.4.7 on WordPress via Cross-Site Request Forgery vulnerable parameters &title, &snippetcode...

4.7CVSS6.4AI score0.00366EPSS
Exploits0References2
OSV
OSV
added 2022/04/25 5:15 p.m.5 views

CVE-2022-29418

Authenticated admin user role Persistent Cross-Site Scripting XSS in Mark Daniels Night Mode plugin = 1.0.0 on WordPress via vulnerable parameters: &ntmodepagesettingenable-me, &ntmodepagesettingbg-color, &ntmodepagesettingtxt-color, &ntmodepagesettinganccolor...

4.8CVSS5.8AI score0.00518EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/04/11 8:20 p.m.7 views

CVE-2022-24833 Persistent Cross-site Scripting (XSS) vulnerability in PrivateBin

PrivateBin is minimalist, open source online pastebin clone where the server has zero knowledge of pasted data. In PrivateBin v1.4.0 a cross-site scripting XSS vulnerability was found. The vulnerability is present in all versions from v0.21 of the project, which was at the time still called...

8.2CVSS7.3AI score0.01271EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/02/11 12:0 a.m.4 views

PT-2022-11246 · Tcman Gim · Tcman Gim

Name of the Vulnerable Software and Affected Versions: TCMAN GIM version 8.01 Description: The issue allows an attacker to perform persistent XSS attacks using the m txtNom and m txtCognoms parameters. This could be used to carry out browser-based attacks, including browser hijacking or theft of...

5.4CVSS5.2AI score0.00441EPSS
Exploits0References3
CVE
CVE
added 2021/12/28 1:15 p.m.53 views

CVE-2021-45903

A persistent cross-site scripting (XSS) vulnerability in SuiteCRM’s web interface enables remote injection of arbitrary JavaScript via attachments upload. Affected versions are SuiteCRM before 7.10.35, and 7.11.x, and 7.12.x before 7.12.2. Root cause involves inadequate input handling/sanitizatio...

6.1CVSS5.8AI score0.01121EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/11/08 5:15 a.m.7 views

CVE-2021-42078

PHP Event Calendar through 2021-11-04 allows persistent cross-site scripting XSS, as demonstrated by the /server/ajax/eventsmanager.php title parameter. This can be exploited by an adversary in multiple ways, e.g., to perform actions on the page in the context of other users, or to deface the sit...

6.1CVSS6.3AI score0.00864EPSS
Exploits3References2
OSV
OSV
added 2021/10/19 7:15 p.m.5 views

CVE-2021-31355

A persistent cross-site scripting XSS vulnerability in the captive portal graphical user interface of Juniper Networks Junos OS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a...

5.4CVSS5.8AI score0.00781EPSS
Exploits0References1
OSV
OSV
added 2021/08/18 1:15 a.m.17 views

CVE-2021-39267

Persistent cross-site scripting XSS in the web interface of SuiteCRM before 7.11.19 allows a remote attacker to introduce arbitrary JavaScript via a Content-Type Filter bypass to upload malicious files. This occurs because text/html is blocked, but other types that allow JavaScript execution such...

6.1CVSS6AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2021/08/16 2:15 p.m.30 views

CVE-2021-38757

Persistent cross-site scripting XSS in Hospital Management System targeted towards web admin through contact.php...

6.1CVSS6.3AI score0.00876EPSS
Exploits2References3
OSV
OSV
added 2021/06/22 3:15 p.m.4 views

CVE-2020-22167

PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerability in \hms\admin\appointment-history.php. Remote registered users can exploit the vulnerability to obtain user cookie data...

5.4CVSS6.1AI score0.0052EPSS
Exploits1References1
Prion
Prion
added 2021/06/22 3:15 p.m.18 views

Cross site scripting

PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerability in \hms\admin\appointment-history.php. Remote registered users can exploit the vulnerability to obtain user cookie data...

3.5CVSS5.4AI score0.0052EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/06/22 2:13 p.m.47 views

CVE-2020-22167

PHPGurukul Hospital Management System v4.0 contains a persistent cross-site scripting (XSS) vulnerability in hms/admin/appointment-history.php. The issue allows remote registered users to exploit the page to obtain user cookie data, indicating an information disclosure risk via stored or reflecte...

5.4CVSS5.4AI score0.0052EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/06/22 2:13 p.m.24 views

CVE-2020-22167

PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerability in \hms\admin\appointment-history.php. Remote registered users can exploit the vulnerability to obtain user cookie data...

5.4AI score0.0052EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2021/05/17 12:0 a.m.256 views

Customer Relationship Management (CRM) System 1.0 - &#039;Category&#039; Persistent Cross site Scripting

Exploit Title: Customer Relationship Management CRM System 1.0 - 'Category' Persistent Cross site Scripting Date: 14-05-2021 Exploit Author: Vani K G Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Rows per page
Query Builder