6665 matches found
Cisco Jabber Clients Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is du...
Cross site scripting
Huawei Email APP Vicky-AL00 smartphones with software of earlier than VKY-AL00C00B171 versions has a stored cross-site scripting vulnerability. A remote attacker could exploit this vulnerability to send email that storing malicious code to a smartphone and waiting for a user to access this email...
CVE-2017-8178
Huawei Email APP Vicky-AL00 smartphones with software of earlier than VKY-AL00C00B171 versions has a stored cross-site scripting vulnerability. A remote attacker could exploit this vulnerability to send email that storing malicious code to a smartphone and waiting for a user to access this email...
WordPress Advanced Post Type Ratings 1.1 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Advanced Post Type Ratings Plugin 1.1 DFD Reddcoin Tips Plugin is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to...
Meeting Room Booking System Multiple Vulnerabilities
Meeting Room Booking System is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Cross site scripting
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
CVE-2017-12320
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
CVE-2017-12323
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
Cross site scripting
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
Cross site scripting
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
Cross site scripting
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
Cross site scripting
A vulnerability in the IOS daemon IOSd web-based management interface of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface on an affected device. The vulnerability is due ...
CVE-2017-12320
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
CVE-2017-12291
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service a cloud-based service could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack or redirect a user of the affected service to an undesired web page. The vulnerabilities are du...
CVE-2017-12322
The CVE-2017-12322 issue concerns Cisco Registered Envelope Service (cloud-based web interface). Multiple vulnerabilities allow unauthenticated, remote attackers to perform cross-site scripting (XSS) or redirect users to malicious pages due to insufficient validation of user-supplied input. An at...
Adobe Connect Multiple Vulnerabilities (APSB17-35)
Adobe Connect is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:connect"; ifdescription...
WordPress AMP Toolbox 1.9.4 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Credit Ricardo Sanchez Vulnerable AMP Toolbox Plugin 1.9.4 AMP Toolbox Plugin is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...
WordPress Affiliate Ads For Clickbank Products 1.3 XSS Vulnerability
WordPress Affiliate Ads for Clickbank Products plugin version 1.3 suffers from a cross site scripting vulnerability. Credit Ricardo Sanchez Vulnerable Affiliate Ads for Clickbank Products Plugin 1.3 Affiliate Ads for Clickbank Products Plugin is prone to a stored cross-site scripting vulnerabilit...
Microsoft ASP.NET Core CVE-2017-11879 Open Redirection Vulnerability
Description Microsoft ASP.NET Core is prone to an open-redirection vulnerability because it fails to properly sanitize user-supplied input. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be...
WordPress Boozang 1.0.0 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Boozang Plugin 1.0.0 Boozang Plugin is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code ...