WordPress Kunze Law plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Kunze Law plugin, which originates from obtaining HTML content from a remote server and injecting it into a page...

WordPress plugin Kunze Law 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Kunze Law plugin, which originates from obtaining HTML content from a remote server and injecting it into a page...

CVE-2019-25280

Yahei-PHP Prober 0.4.7 contains a remote HTML injection vulnerability that allows attackers to execute arbitrary HTML code through the 'speed' GET parameter. Attackers can inject malicious HTML code in the 'speed' parameter of prober.php to trigger cross-site scripting in user browser sessions...

CVE-2019-25280 Yahei-PHP Prober 0.4.7 Remote HTML Injection via Speed Parameter

Yahei-PHP Prober 0.4.7 contains a remote HTML injection vulnerability that allows attackers to execute arbitrary HTML code through the 'speed' GET parameter. Attackers can inject malicious HTML code in the 'speed' parameter of prober.php to trigger cross-site scripting in user browser sessions...

IBM Aspera Faspex 安全漏洞

IBM Aspera Faspex is an International Business Machines IBM solution for rapid global person-to-person file delivery and collaboration. A security vulnerability exists in IBM Aspera Faspex 5 5.0.14.1 and prior versions, which originates from a remote attacker who can inject malicious HTML code th...

EUVD-2017-0188

Malware in sbrugna...

EUVD-2007-3225

Malware in sbrugna...

EUVD-2016-7444

Malware in sbrugna...

CVE-2015-5356

Cross-site scripting XSS vulnerability in admin/filebrowser.php in GetSimple CMS before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the func parameter...

PT-2023-23733 · Ibm · Ibm Maximo Application Suite +1

Name of the Vulnerable Software and Affected Versions: IBM Maximo Application Suite versions 8.9 through 8.10 IBM Maximo Asset Management versions 7.6.1.2 through 7.6.1.3 Description: A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web...

SUSE CVE-2006-6942

Multiple cross-site scripting XSS vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via 1 a comment for a table name, as exploited through a dboperations.php, 2 the db parameter to b dbcreate.php, 3 the newname parameter to dboperations.php...

MGASA-2020-0374 Updated novnc package fixes a security vulnerability

An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name. CVE-2017-18635...

Yahei-PHP Prober 0.4.7 HTML Injection

Yahei-PHP Prober v0.4.7 speed Remote HTML Injection Vulnerability Vendor: Yahei.Net Product web page: http://www.yahei.net Affected version: 0.4.7 Summary: Detection of system web server operating environment. Desc: Input passed to the GET parameter 'speed' is not properly sanitised before being...

CVE-2019-3562

A remote web page could inject arbitrary HTML code into the Oculus Browser UI, allowing an attacker to spoof UI and potentially execute code. This affects the Oculus Browser starting from version 5.2.7 until 5.7.11...

The vulnerability of the onUploadLogPic component of the software controller allows for the insertion of arbitrary HTML code by intruders, enabling them to manipulate wireless networks through the D-Link Central WiFi Manager.

The vulnerability of the onUploadLogPic component of the software controller for D-Link Central WiFi Manager’s centralized wireless network management system is related to insufficient restrictions on file uploads. Exploiting this vulnerability allows a malicious actor to inject arbitrary HTML co...

YMFE YApi Cross-Site Scripting Vulnerability

YMFE YApi is a visual interface management platform. A cross-site scripting vulnerability exists in the item name field in YMFE YApi version 1.3.23. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

Cross-site scripting vulnerability in multiple IBM products (CNVD-2018-24625)

IBM Rational Collaborative Lifecycle Management CLM is a set of collaborative lifecycle management solutions.Rational Quality Manager RQM is a set of collaborative, web-based quality management solutions. IBM Rational Collaborative Lifecycle Management CLM is a collaborative lifecycle management...

Cross-Site Scripting Vulnerability in Multiple EMC Products

EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA Identity Management and Governance are products of EMC Corporation.EMC RSA Identity Governance and Lifecycle is a suite of lifecycle management solutions; EMC RSA Identity Management and Governance IMG is a suite...

Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2016-01170)

SharePoint Server is an integrated suite of server capabilities that provides comprehensive content management and enterprise search, accelerates shared business processes and simplifies information sharing across boundaries. Microsoft SharePoint Foundation 2013 SP1 has a cross-site scripting...

The vulnerability of the Firefox browser, which allows a hacker to execute cross-site scripting attacks

The vulnerability of the nsCSPHostSrc::permits function in Firefox exists due to the lack of measures taken to protect web page structures. Exploiting this vulnerability allows a malicious actor to inject arbitrary HTML code remotely...