Sales & Company Management System Cross-Site Scripting Vulnerability

Sales & Company Management System SCMS is a sales and company management system. The system includes features such as customer management, product management and tax management. A cross-site scripting vulnerability exists in the memberemail.php file in SCMS 2018-06-06 and prior versions, which ca...

TIBCO Statistica Server TIBCO Statistica Component Cross-Site Scripting Vulnerability

TIBCO Statistica Server is a suite of job servers from TIBCO Software that provides a governance framework for shared workspaces and reusable templates.Statistica is one of the components... A cross-site scripting vulnerability exists in the web application of the TIBCO Statistica component in...

Jupyter Notebook Cross-Site Scripting Vulnerability (CNVD-2019-09601)

Jupyter Notebook is an open source web application that creates and shares documents containing live code, equations, visualizations, and narrative text. A cross-site scripting vulnerability exists in Jupyter Notebook versions prior to 5.7.2, which stems from a failure to securely handle URLs in...

Centreon Cross-Site Scripting Vulnerability (CNVD-2019-00828)

Centreon formerly known as Merethis Centreon is an open source IT monitoring software suite from Centreon France that needs to be paired with Nagios to manage Nagios via the web and third-party components to enable monitoring of networks, operating systems and applications. A cross-site scripting...

Microsoft Azure App Services on Azure Stack Cross-Site Scripting Vulnerability

Microsoft Azure App Services on Azure Stack is a suite of Platform-as-a-Service PaaS solutions from Microsoft Corporation USA. The product supports the creation of Web, API, and Azure applications for multiple platforms and devices. A cross-site scripting vulnerability exists in Microsoft Azure A...

CVE-2018-0699

Cross-site scripting vulnerability in YukiWiki 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

DomainMOD cross-site scripting vulnerability (CNVD-2019-07973)

DomainMOD is an open source application for managing your domain names and other Internet assets in a centralized location. A cross-site scripting vulnerability exists in DomainMOD versions 4.11.01 and earlier, which can be exploited by remote attackers to inject arbitrary web script or HTML via...

DomainMOD cross-site scripting vulnerability (CNVD-2019-07972)

DomainMOD is an open source application for managing your domain names and other Internet assets in a centralized location. A cross-site scripting vulnerability exists in DomainMOD versions 4.11.01 and earlier, which can be exploited by remote attackers to inject arbitrary web script or HTML via...

Cisco Prime Service Catalog Cross-Site Scripting Vulnerability (CNVD-2019-01895)

Cisco Prime Service Catalog PSC is a service catalog solution from Cisco USA that provides all IT services through a single portal. The solution supports automated ordering of a unified service catalog for computing, networking, storage, and other data center resources. A cross-site scripting...

Arcserve Unified Data Protection Cross-Site Scripting Vulnerability

Arcserve Unified Data Protection UDP is a set of unified data protection solutions from Arcserve, Inc. in the United States. The solution provides backup and recovery of all virtual and physical environments, global deduplication, and more. A cross-site scripting vulnerability exists in the...

Pagoda Linux panel cross-site scripting vulnerability

Pagoda Linux panel is a Linux hosting panel from China Pagoda Pagoda Network Technology Company. A cross-site scripting vulnerability exists in Pagoda Linux panel version 6.0. The vulnerability can be exploited by a remote attacker to inject arbitrary web script or HTML via a CAPTCHA associated...

D-link DSL-2640T Cross-Site Scripting Vulnerability

The D-link DSL-2640T is a wireless router from AUO D-Link. A cross-site scripting vulnerability exists in the cgi-bin/webcm page in the D-link DSL-2640T. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML with the 'var:RelaodHref' or 'var:conid' parameter...

Mitel ST 14.2 Cross-Site Scripting Vulnerability

Mitel ST is a video conferencing product from Mitel Canada. conferencing is one of the teleconferencing components. A cross-site scripting vulnerability exists in the conferencing component of Mitel ST 14.2 GA29 19.49.9400.0 and prior versions, which stems from the program failing to adequately...

Mitel MiVoice Office 400 web admin component cross-site scripting vulnerability

Mitel MiVoice Office 400 is a small and medium-sized business communications solution from Mitel Canada. The product includes features such as video conferencing, voice calls, etc. web admin is one of the web-based management components. A cross-site scripting vulnerability exists in the web admi...

F5 BIG-IP AFM Cross-Site Scripting Vulnerability (CNVD-2019-01910)

F5 BIG-IP AFM is an advanced firewall product from F5 USA for protection against DDos attacks. A cross-site scripting vulnerability exists in the TMUI page in F5 BIG-IP AFM versions 13.0.0 through 13.1.1.1 and 12.1.0 through 12.1.3.6, which can be exploited by a remote attacker to inject arbitrar...

Symantec Web Isolation Cross-Site Scripting Attack Vulnerability

Symantec Web Isolation is a Web security protection software from Symantec USA. The software is mainly used to prevent malware and phishing attacks, etc. A cross-site scripting vulnerability exists in Symantec Web Isolation version 1.11. A remote attacker can exploit this vulnerability to execute...

Aryanic HighPortal Cross-Site Scripting Vulnerability

Aryanic HighPortal is an enterprise portal system based on Java and ASP.NET. A cross-site scripting vulnerability exists in Aryanic HighPortal version 12.5. A remote attacker can exploit this vulnerability by adding tags to inject arbitrary web script or HTML...

BigTree CMS cross-site scripting vulnerability (CNVD-2018-21319)

Fastspot BigTree is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A cross-site scripting vulnerability exists in /admin/ajax/file-browser/upload/ in Fastspot BigTree version 4.2.23. A remote attacker can exploit this vulnerability to inject...

PTC ThingWorx Platform Cross-Site Scripting Vulnerability

The PTC ThingWorx Platform is a suite of platforms for developing and deploying industrial IoT applications and augmented reality AR. A cross-site scripting vulnerability exists in SQUEAL in PTC ThingWorx Platform versions 6.5 through 8.2. A remote attacker could exploit the vulnerability to...

LUYA CMS Cross-Site Scripting Vulnerability

LUYA CMS is a scalable content management system CMS. A cross-site scripting vulnerability exists in LUYA CMS version 1.0.12. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via /admin/api-cms-nav/create-page...