25 matches found
EUVD-2018-8836
Malware in sbrugna...
EUVD-2018-8838
Malware in sbrugna...
CVE-2017-18639
Progress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter : Page Title, /Content/News Parameter : News Title, /Content/List Parameter : List Title, /Content/Documents/LibraryDocuments/incident-request-attachments Parameter : Document Title, /Content/Images/LibraryImages/newsimages...
CVE-2017-18639
Progress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter : Page Title, /Content/News Parameter : News Title, /Content/List Parameter : List Title, /Content/Documents/LibraryDocuments/incident-request-attachments Parameter : Document Title, /Content/Images/LibraryImages/newsimages...
CVE-2017-18639
Progress Sitefinity CMS prior to version 10.1 is vulnerable to cross-site scripting (XSS) via multiple parameters: /Pages Page Title, /Content/News News Title, /Content/List List Title, /Content/Documents/LibraryDocuments/incident-request-attachments Document Title, /Content/Images/LibraryImages/...
CVE-2018-17053
Cross-site scripting XSS vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17054...
Cross site scripting
Cross-site scripting XSS vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17053...
Cross site scripting
Cross-site scripting XSS vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17054...
CVE-2018-17054
Cross-site scripting XSS vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17053...
CVE-2018-17053
Cross-site scripting XSS vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17054...
CVE-2018-17054
Cross-site scripting XSS vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17053...
CVE-2018-17053
CVE-2018-17053 involves a cross-site scripting (XSS) vulnerability in the Identity Server component of Progress Sitefinity CMS, affecting Version 10.0 through 11.0. The issue allows authenticated or remote attackers to inject arbitrary web script or HTML via login-request parameters, potentially ...
CVE-2018-17054
CVE-2018-17054 is an XSS vulnerability in Sitefinity’s Identity Server component affecting Sitefinity CMS versions 10.0–11.0. The issue enables remote attackers to inject arbitrary web script or HTML via login request parameters. Connected sources confirm the identity of the vulnerable component ...
CVE-2018-17053
Cross-site scripting XSS vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17054...
Progress Sitefinity CMS Cross-Site Scripting Vulnerability
Progress Sitefinity CMS is an open source platform for building corporate websites and intranets. A cross-site scripting vulnerability exists in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or...
CVE-2018-17056
Cross-site scripting XSS vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-17056
Cross-site scripting XSS vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-17056
CVE-2018-17056 is an XSS vulnerability in ServiceStack used by Progress Sitefinity CMS. Connected sources confirm affected product/version range: Sitefinity 10.2.x through 11.0.x, with the underlying issue in the ServiceStack component enabling remote script/HTML injection via unspecified vectors...
CVE-2018-17055
CVE-2018-17055 affects Progress Sitefinity CMS, versions 4.0 through 11.0. The issue is an arbitrary file upload vulnerability related to image uploads. The provided documents do not specify the exact attack vector, exploit details, or affected components beyond the image-upload context, nor do t...