CVE-2024-11493

A vulnerability classified as problematic was found in 115cms up to 20240807. This vulnerability affects unknown code of the file /index.php/setpage/admin/pageAE.html. The manipulation of the argument tid leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

CVE-2024-11491

A vulnerability was found in 115cms up to 20240807. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php/admin/web/useradmin.html. The manipulation of the argument ks leads to cross site scripting. The attack may be launched remotely. The...

PT-2024-16850 · Ibphoenix · Ibphoenix Ibwebadmin

Name of the Vulnerable Software and Affected Versions: IBPhoenix ibWebAdmin versions up to 1.0.2 Description: A vulnerability was found in IBPhoenix ibWebAdmin, affecting some unknown processing of the file /database.php of the component Banco de Dados Tab. The manipulation of the argument db log...

CVE-2024-10754

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/assets/plugins/DataTables/media/unittesting/templates/dymanictable.php. The manipulation of the argument scripts leads to cross site...

CVE-2024-10747

A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /admin/assets/plugins/DataTables/media/unittesting/templates/domdatath.php. The manipulation of the argument scripts leads to cross site scripting. The...

The vulnerability in the web interface for managing microprogramming software-based Cisco Firepower Threat Defense (FTD) allows a attacker to execute cross-site scripting attacks.

The vulnerability of the web interface for managing Cisco Firepower Management Center FMC software involves a lack of measures taken to protect the web page structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

CVE-2024-10197

A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /managesupplier.php of the component Manage Supplier Page. The manipulation of the argument address leads to cross site scripting. It is...

The vulnerability of Power BI report servers, related to the lack of protective measures for website structures, allows attackers to execute cross-site scripting attacks.

The vulnerability of the Power BI report server is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

CVE-2024-9320

A vulnerability has been found in SourceCodester Online Timesheet App 1.0 and classified as problematic. This vulnerability affects unknown code of the file /endpoint/add-timesheet.php of the component Add Timesheet Form. The manipulation of the argument day/task leads to cross site scripting. Th...

PT-2024-38541 · Fastcms · Fastcms

Name of the Vulnerable Software and Affected Versions: FastCMS versions up to 0.1.5 Description: A vulnerability was found in the New Article Category Page component of FastCMS, affecting an unknown function. This issue leads to cross-site scripting and can be exploited remotely. The exploit has...

CVE-2024-7660

A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Add File Handler. The manipulation of the argument File Title/Uploaded By leads to cross site scripting. The attack can ...

The vulnerability in the web application for managing IP addresses, phpipam’s /app/admin/powerDNS/record-edit.php script, allows a attacker to execute XSS attacks.

The vulnerability in the web application for managing IP addresses, /app/admin/powerDNS/record-edit.php, exists due to the lack of security measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...

CVE-2024-7218

A flaw has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected is an unknown function of the file /admin/ajax.php?action=savestudent. Executing manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. The exploit ha...

PT-2024-37572 · Labvantage · Labvantage Lims

Name of the Vulnerable Software and Affected Versions: LabVantage LIMS version 2017 WPML affected versions not specified Description: A problematic issue affects the processing of the file "/labvantage/rc?command=page" of the component POST Request Handler. The manipulation of the argument param1...

The vulnerability of the Debug Mode mode in the PHP framework Yii allows attackers to perform cross-site scripting attacks.

The vulnerability of the Debug Mode mode in the Yii PHP framework lies in the lack of protection for the structure of web pages, due to incorrect handling of function arguments during stack tracing. Exploiting this vulnerability allows an attacker to perform cross-site scripting attacks remotely...

The vulnerability of the microprogramming software for Avocent DSR2030 and Avocent SVIP1020 arises from the lack of measures taken to protect the structure of web pages. This vulnerability allows attackers to carry out cross-site scripting attacks.

The vulnerability of the microprogramming software for Avocent DSR2030 and Avocent SVIP1020 exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to carry out XSS attacks...

The vulnerability in the web interface of the software for centralized control of Cisco TelePresence Management Suite allows a perpetrator to perform cross-site scripting attacks.

The vulnerability in the web interface of the Cisco TelePresence Management Suite software for centralized control of video systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

CVE-2024-4737

A vulnerability was found in Campcodes Legal Case Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/vendor. The manipulation of the argument companyname/mobile leads to cross site scripting. It is possible to initiate the attack remotely...

CVE-2024-4727

A vulnerability was found in Campcodes Legal Case Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/court-type. The manipulation of the argument courtname leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2024-4721

A vulnerability classified as problematic has been found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /model/addstudentsubject.php. The manipulation of the argument index leads to cross site scripting. It is possible to initiate the attack...