Cisco HyperFlex Cross-Site Scripting Vulnerability

Cisco HyperFlex Software is the United States Cisco Cisco company's set of scalable distributed file system. The system provides unified computing, storage and networking through cloud management, and provides enterprise-class data management and optimization services. A cross-site scripting...

SchoolCMS Cross-Site Scripting Vulnerability (CNVD-2019-35030)

SchoolCMS is an open source school teaching management system based on ThinkPHP framework. The system includes student management , grade management and teacher management . SchoolCMS cross-site scripting vulnerability , remote attackers can use the vulnerability to inject arbitrary Web script or...

Microsoft Team Foundation Server Cross-Site Scripting Vulnerability (CNVD-2019-24386)

Microsoft Team Foundation Server is a source code management, project management, and team collaboration platform within an application lifecycle management ALM tool suite. A cross-site scripting vulnerability in Microsoft Team Foundation Server 2018 Update version 3.2, which stems from the progr...

SAP Web Intelligence BI LaunchPad Cross-Site Scripting Vulnerability

SAP Web Intelligence BI LaunchPad is a Java- or HTML-based user interface for use in BusinessObjects tools from SAP, Germany. The product is mainly used to perform analytical reporting and data analysis. A cross-site scripting vulnerability in SAP Web Intelligence BI LaunchPad versions 4.10 and...

Cross-site Scripting Vulnerability in Hitachi Device Manager

Overview A Cross-site Scripting Vulnerability was found in Hitachi Device Manager. Impact Remote users can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

Cacti cross-site scripting vulnerability (CNVD-2019-14552)

Cacti is an open source, web-based network monitoring and mapping tool, a front-end application designed for the data logging tool RRDtool. A cross-site scripting vulnerability exists in the 'Website Hostnam' field of the pollers.php file in versions of Cacti prior to 1.2.0, which stems from the...

Cacti cross-site scripting vulnerability (CNVD-2019-14553)

Cacti is an open source, web-based network monitoring and mapping tool, a front-end application designed for the data logging tool RRDtool. A cross-site scripting vulnerability exists in the 'Website Hostname' parameter of the host.php file in versions of Cacti prior to 1.2.0, which stems from th...

Cisco Webex Business Suite Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in the MyWebex component of Cisco Webex Business Suite. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via a specially crafted URL...

Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability

Cisco TelePresence is a telepresence conferencing solution developed by Cisco. A cross-site scripting vulnerability exists in the web-based management interface in Cisco TelePresence Management Suite TMS, which can be exploited by a remote attacker with the help of a specially crafted link to...

Traccar Server Cross-Site Scripting Vulnerability

Traccar Server is an open source GPS tracking system. A cross-site scripting vulnerability exists in the protocol/SpotProtocolDecoder.java file in Traccar Server version 4.2, which can be exploited by a remote attacker to inject arbitrary Web script or HTML...

CVE-2018-16199

Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an remote attacker to inject arbitrary web script or HTML via unspecified vectors...

Multiple Cross-Site Scripting Vulnerabilities in Zenphoto

Zenphoto is a free photo gallery content management system developed by the Zenphoto team. The system manages images and supports multimedia such as audio and video. Zenphoto suffers from multiple cross-site scripting vulnerabilities. A remote attacker can exploit this vulnerability to inject...

SAP CRM WebClient UI Cross-Site Scripting Vulnerability

SAP CRM Customer Relationship Management is a set of German SAP SAP customer relationship management solutions. The program includes sales management, marketing management, customer service system and other modules. SAP CRM WebClient UI is one of the Web client interface. A cross-site scripting...

UCMS cross-site scripting vulnerability (CNVD-2019-00981)

UCMS is a content management system written in PHP. A cross-site scripting vulnerability exists in UCMS version 1.4.7. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the help of the 'dir' parameter...

hsweb cross-site scripting vulnerability

hsweb is a set of projects for rapid construction of enterprise website backend management system, which integrates online code generation, rights management, single sign-on and dynamic multi-data source distributed transaction processing and other functions. A cross-site scripting vulnerability...

DouCo DouPHP Cross-Site Scripting Vulnerability (CNVD-2019-00999)

DouCo DouPHP is a lightweight open source CMS Content Management System based on PHP and MySQL. A cross-site scripting vulnerability exists in admin/article.php?rec=update in DouCo DouPHP version 1.5 20181221. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

DouCo DouPHP cross-site scripting vulnerability (CNVD-2019-00997)

DouCo DouPHP is a lightweight open source CMS Content Management System based on PHP and MySQL. A cross-site scripting vulnerability exists in admin/product.php?rec=update in DouCo DouPHP version 1.5 20181221. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

WESEEK GROWI Cross-Site Scripting Vulnerability (CNVD-2019-04901)

WESEEK GROWI is a suite of team collaboration software from WESEEK Japan. A cross-site scripting vulnerability exists in WESEEK GROWI 3.2.3 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary script in a user's web browser...

Allen-Bradley PowerMonitor 1000 Cross-Site Scripting Vulnerability

Rockwell Automation Allen-Bradley PowerMonitor 1000 is a power monitoring device from Rockwell Automation. A cross-site scripting vulnerability exists in the /Security/Security.shtm page in the Rockwell Automation Allen-Bradley PowerMonitor 1000. A remote attacker can exploit this vulnerability t...

CVE-2018-8917

Cross-site scripting XSS vulnerability in info.cgi in Synology DiskStation Manager DSM before 6.1.6-15266 allows remote attackers to inject arbitrary web script or HTML via the host parameter...