CVE-2026-6995

A security flaw has been discovered in BDCOM P3310D 0.4.2 10.1.0F Build 86345. The impacted element is an unknown function of the file /index.asp of the component New User Page. Performing a manipulation of the argument User name results in cross site scripting. The attack may be initiated...

CVE-2026-3983

A security flaw has been discovered in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This affects an unknown part of the file save-games.php. The manipulation of the argument gamename results in cross site scripting. The attack may be performed from remote. The exploit...

CVE-2026-1146

A vulnerability has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this issue is some unknown functionality of the file /php/apiregisterpatient.php. Such manipulation of the argument firstName/lastName leads to cross site scripting. The...

CVE-2025-15204 SohuTV CacheCloud QuartzManageController.java doQuartzList cross site scripting

A vulnerability was determined in SohuTV CacheCloud up to 3.2.0. Affected is the function doQuartzList of the file src/main/java/com/sohu/cache/web/controller/QuartzManageController.java. Executing manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The...

CVE-2025-9734 O2OA Personal Profile stat cross site scripting

A security flaw has been discovered in O2OA up to 10.0-410. The impacted element is an unknown function of the file /xqueryassembledesigner/jaxrs/stat of the component Personal Profile Page. The manipulation of the argument name/alias/description/applicationName results in cross site scripting. T...

CVE-2023-0639

A vulnerability was found in TRENDnet TEW-652BRP 3.04b01 and classified as problematic. This issue affects some unknown processing of the file getset.ccp of the component Web Management Interface. The manipulation of the argument nextPage leads to cross site scripting. The attack may be initiated...

PT-2023-26009 · Unknown · Creativeitem Mastery Lms

Name of the Vulnerable Software and Affected Versions: Creativeitem Mastery LMS version 1.2 Description: A problematic vulnerability has been found in Creativeitem Mastery LMS. This issue affects an unknown part of the file /browse. The manipulation of the argument search/featured/recommended/ski...

CVE-2020-24897

The Table Filter and Charts for Confluence Server app before 5.3.25 for Atlassian Confluence allow remote attackers to inject arbitrary HTML or JavaScript via cross site scripting XSS through the provided Markdown markup to the "Table from CSV" macro...

IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2018-01031)

IBM WebSphere Portal is a suite of enterprise portal software from IBM. The software creates a platform that connects the internal and external parts of an organization, allowing employees, customers and suppliers to access internal data through the platform. A cross-site scripting vulnerability...