4584 matches found
Tenable Nessus Cross-Site Scripting Vulnerability (CNVD-2018-10667)
Tenable Network Security Nessus is a highly scalable open source vulnerability scanner from Tenable Network Security, USA. A cross-site scripting vulnerability exists in Tenable Network Security Nessus versions prior to 7.1.0, which stems from the program failing to properly perform input...
CVE-2018-0581
Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version prior to 3.0.0.4.378.9383 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-0578
Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-0579
Cross-site scripting vulnerability in Open Graph for Facebook, Google+ and Twitter Card Tags plugin prior to version 2.2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-0577
Cross-site scripting vulnerability in WP Google Map Plugin prior to version 4.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-0576
Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Drupal CKEditor Enhanced Image plugin cross-site scripting vulnerability
Drupal is a free, open source content management system developed in PHP and maintained by the Drupal community.CKEditor is one of the text editors.Enhanced Image aka image2 is one of the image enhancement plugins. A cross-site scripting vulnerability exists in the Enhanced Image plugin in Drupal...
Cisco WebEx Connect IM Cross-Site Scripting Vulnerability
Cisco WebEx Connect is the United States Cisco Cisco a simultaneous instant messaging, IP telephony, voice, video and web conferencing features such as client software. im is one of the instant messaging component. A cross-site scripting vulnerability exists in Cisco WebEx Connect IM, which stems...
Puppet Enterprise Console Cross-Site Scripting Vulnerability (CNVD-2018-09253)
Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the U.S. It can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is its enterprise version.Puppet Enterprise Console is one of t...
Puppet Enterprise Console Cross-Site Scripting Vulnerability (CNVD-2018-09252)
Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the U.S. It can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is its enterprise version.Puppet Enterprise Console is one of t...
Internet Shortcut used in Necurs malspam campaign
The Necurs botnet continues to be one of the most prolific malicious spam distributors, with regular waves of carefully-crafted attachments that are used to download malware. The majority of malspam campaigns that we track are targeting Microsoft Office with documents containing either macros or...
CVE-2018-0711
Cross-site scripting XSS vulnerability in QNAP QTS 4.3.3 build 20180126, QTS 4.3.4 build 20180315, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML...
DiliCMS Cross-Site Scripting Vulnerability
DiliCMS aka DiligentCMS is a content management system CMS based on Codelgniter. A cross-site scripting vulnerability exists in the System Settings - Site Settings filing number field of the admin/index.php file in DiliCMS version 2.4.0. A remote attacker can exploit this vulnerability to inject...
Mitel MiVoice Connect Cross-Site Scripting Vulnerability (CNVD-2018-08583)
Mitel MiVoice Connect R1707-PREM and Mitel ST are both products of Mitel Canada.Mitel MiVoice Connect R1707-PREM is a Unified Communications Management Appliance.ST is a videoconferencing product.conferencing is one of the notification components. conferencing is one of the conference notificatio...
Mitel MiVoice Connect Cross-Site Scripting Vulnerability
Mitel MiVoice Connect R1707-PREM and Mitel ST are both products of Mitel Canada.Mitel MiVoice Connect R1707-PREM is a Unified Communications Management Appliance.ST is a videoconferencing product.conferencing is one of the notification components. conferencing is one of the conference notificatio...
CVE-2017-13073
Cross-site scripting XSS vulnerability in QNAP NAS application Photo Station versions 5.2.7, 5.4.3, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML...
UBUNTU-CVE-2018-9861
Cross-site scripting XSS vulnerability in the Enhanced Image aka image2 plugin for CKEditor in versions 4.5.10 through 4.9.1; fixed in 4.9.2, as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, allows remote attackers to inject arbitrary web script through a crafted IMG...
Fastspot BigTree Cross-Site Scripting Vulnerability (CNVD-2018-08553)
Fastspot BigTree is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A cross-site scripting vulnerability exists in the /core/inc/lib/less.php/test/index.php file in Fastspot BigTree version 4.2.22. A remote attacker can exploit this vulnerabili...
WordPress Cross-Site Scripting Vulnerability (CNVD-2018-08609)
WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the generator tag in WordPress versions prior to 4.9.5, which...
QNAP Cross-Site Scripting Vulnerability
QNAPS is a set of network storage devices from QNAP Systems, Inc. for home, SOHO, and SMB users. QNAPS is a network storage device for home, SOHO, and SMB users, and File Station is one of the file management applications. A cross-site scripting vulnerability exists in the shared links feature of...