WordPress Share This Image 1.03 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Credit Ricardo Sanchez Vulnerable Share This Image 1.03 Share This Image is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...

WordPress Yakadanda Google+ Hangout Events 0.3.7 XSS Vulnerability

WordPress Yakadanda Google+ Hangout Events plugin version 0.3.7 suffers from a cross site scripting vulnerability. Credit Ricardo Sanchez Vulnerable Yakadanda Google+ Hangout Events 0.3.7 Yakadanda Google+ Hangout Events is prone to a stored cross-site scripting vulnerability because it fails to...

WordPress Itinerary 1.0.0 Cross Site Scripting

Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Itinerary 1.0.0 Itinerary is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

WordPress Share This Image 1.03 Cross Site Scripting

Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Share This Image 1.03 Share This Image is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script co...

WordPress Pinterest Badge 1.8.0 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Credit Ricardo Sanchez Vulnerable Pinterest Badge 1.8.0 Pinterest Badge is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...

WordPress Qiniu Cloudtuchuang 1.8 Cross Site Scripting Vulnerability

Wordpress Qiniu Cloudtuchuang 七牛云图床 plugin version 1.8 is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Title: WordPress Qiniu Cloudtuchuang a,caoa3/4ao 1.8 Cross Site Scripting File: Class Input Validation Error Remote Yes Cred...

WordPress Qiniu Cloudtuchuang 1.8 Cross Site Scripting

Title: WordPress Qiniu Cloudtuchuang a,caoa3/4ao 1.8 Cross Site Scripting File: Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Qiniu Cloudtuchuang a,caoa3/4ao 1.8 Qiniu Cloudtuchuang a,caoa3/4ao is prone to a stored cross-site scripting vulnerability because it fails to...

Emby MediaServer 3.2.5 Reflected XSS Vulnerability

Summary Emby formerly Media Browser is a media server designed to organize, play, and stream audio and video to a variety of devices. Emby is open-source, and uses a client-server model. Two comparable media servers are Plex and Windows Media Center. Description Emby suffers from a XSS issue due ...

WordPress Z-URL Preview 1.6.1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Vulnerable Z-URL Preview 1.6.1 Z-URL Preview is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

CVE-2017-17057

There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script code in the browse...

Cross site scripting

There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script code in the browse...

CVE-2017-17057

There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script code in the browse...

ZKTeco ZKTime Web 2.0.1.12280 Cross Site Scripting Vulnerability

ZKTeco ZKTime Web version 2.0.1.12280 suffers from a cross site scripting vulnerability. 1. Introduction Vendor: ZKTeco Affected Product: ZKTime Web - 2.0.1.12280 Fixed in: Vendor Website: https://www.zkteco.com/product/ZKTimeWeb2.0435.html Vulnerability Type: Reflected XSS Remote Exploitable: Ye...

CVE-2017-12366

A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...

Cross site scripting

A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is du...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

ZKTeco ZKTime Web 2.0.1.12280 Cross Site Scripting

Introduction Vendor: ZKTeco Affected Product: ZKTime Web - 2.0.1.12280 Fixed in: Vendor Website: https://www.zkteco.com/product/ZKTimeWeb2.0435.html Vulnerability Type: Reflected XSS Remote Exploitable: Yes CVE: CVE-2017-17057 2. Overview There is a reflected XSS vulnerability in ZKTime Web. The...

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...