7648 matches found
CVE-2023-29455
Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off a web application to the victim's browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious scripts...
CVE-2023-29454 Persistent XSS in the user form
Stored or persistent cross-site scripting XSS is a type of XSS where the attacker first sends the payload to the web application, then the application saves the payload e.g., in a database or server-side text files, and finally, the application unintentionally executes the payload for every victi...
CVE-2023-29454 Persistent XSS in the user form
Stored or persistent cross-site scripting XSS is a type of XSS where the attacker first sends the payload to the web application, then the application saves the payload e.g., in a database or server-side text files, and finally, the application unintentionally executes the payload for every victi...
CVE-2023-37630
Online Piggery Management System 1.0 is vulnerable to Cross Site Scripting XSS. An unauthenticated user can POST JavaScript code to "manage-breed.php" resulting in Persistent XSS...
CVE-2023-37630
Online Piggery Management System 1.0 is vulnerable to Cross Site Scripting XSS. An unauthenticated user can POST JavaScript code to "manage-breed.php" resulting in Persistent XSS...
Cross site scripting
Online Piggery Management System 1.0 is vulnerable to Cross Site Scripting XSS. An unauthenticated user can POST JavaScript code to "manage-breed.php" resulting in Persistent XSS...
CISA and FBI Release Cybersecurity Advisory on Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
The Cybersecurity and Infrastructure Security Agency CISA and Federal Bureau of Investigation FBI have released a joint Cybersecurity Advisory CSA, Enhanced Monitoring to Detect APT Activity Targeting Outlook Online, to provide guidance to agencies and critical infrastructure organizations on...
CVE-2023-37630
Online Piggery Management System 1.0 is vulnerable to Cross Site Scripting XSS. An unauthenticated user can POST JavaScript code to "manage-breed.php" resulting in Persistent XSS...
CVE-2023-37630
Online Piggery Management System 1.0 is vulnerable to Cross Site Scripting XSS. An unauthenticated user can POST JavaScript code to "manage-breed.php" resulting in Persistent XSS...
Malicious code in catteleya (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a9c8f112541c7f415a060c136109b57be2b983aeab2087f5ac85e0b553baec75 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Tiva Events Calender v1.4 - Cross Site Scripting Vulnerability
Document Title: =============== Tiva Events Calender v1.4 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2276 Release Date: ============= 2023-07-04 Vulnerability Laboratory ID VL-ID:...
Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities
Document Title: =============== Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2278 Release Date: ============= 2023-07-03 Vulnerability Laboratory ID VL-ID: ==================================...
Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities
Document Title: =============== Dooblou WiFi File Explorer 1.13.3 - Multiple Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2317 Release Date: ============= 2023-07-03 Vulnerability Laboratory ID VL-ID:...
Boom CMS v8.0.7 - Cross Site Scripting Vulnerability
Document Title: =============== Boom CMS v8.0.7 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2274 Release Date: ============= 2023-07-02 Vulnerability Laboratory ID VL-ID: ==================================== 2274...
ASB-A-261723753
In PreferencesHelper.java, an uncaught exception may cause the device to get stuck in a boot loop. This could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
Cross site scripting
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights can edit all pages in the CKEditor' space. This makes it possible to perform a variety of harmful actions, such as removing technical documents, leading to loss of...
CVE-2023-36477 Persistent Cross-site Scripting (XSS) through CKEditor Configuration pages in XWiki Platform
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights can edit all pages in the CKEditor' space. This makes it possible to perform a variety of harmful actions, such as removing technical documents, leading to loss of...
PT-2023-4820 · Xwiki +1 · Xwiki Platform +1
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 14.10.6 XWiki Platform versions prior to 15.1 XWiki Platform versions older than 14.6RC1 with CKEditor Integration extension prior to 1.64.9 Description: The issue allows any user with edit rights to edit all...
Important: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.5 security and bug fix update
OpenShift API for Data Protection OADP 1.1.5 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Malicious code in node-hsf (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e30143880959f7bbf83a547cd32a89f7a338b497a3408e3b16ae74d80e6ba4e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...