BigTree-CMS 4.1.x < 4.1.9 XSS

Binary data 9553.prm...

Cisco Firepower Management Center Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. SPDX-FileCopyrightText: 2016 Greenbone ...

ClipBucket Unspecified Cross Site Scripting Vulnerability

ClipBucket is prone to an unspecified cross site scripting vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Foxit Reader and PhantomPDF Remote Command Execution Vulnerability

Foxit Reader is China's Foxit Foxit Software Corporation produced a small PDF document viewing and printing program, PhantomPDF is a commercial version. A remote command execution vulnerability exists in Foxit Reader and PhantomPDF that could be exploited to allow an attacker to execute arbitrary...

Fortinet FortiAnalyzer and FortiManager 'Filenames' HTML Injection Vulnerability

Fortinet FortiManager is a centralized network security management solution; Fortinet FortiAnalyzer is a centralized network security reporting solution. An HTML injection vulnerability exists in FortiAnalyzer and FortiManager 'Filenames' that could be exploited by an attacker to steal cookie-bas...

Foxit Reader and Foxit PhantomPDF Out-of-Bounds Read/Write Remote Command Execution Vulnerability

Foxit Reader is China's Foxit Foxit Software Corporation produced a small PDF document viewing and printing program, PhantomPDF is a commercial version. Foxit Reader and Foxit PhantomPDF have an out-of-bounds read/write remote command execution vulnerability that could be exploited by an attacker...

ZKTeco ZKAccess Security System 5.3.1 - Persistent Cross-Site Scripting

Exploit for jsp platform in category web applications !-- ZKTeco ZKAccess Security System 5.3.1 Stored XSS Vulnerability Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version: 5.3.12252 Summary: ZKAccess Systems ar...

phpMyAdmin 4.0.10.x < 4.0.10.17 / 4.4.15.x < 4.4.15.8 / 4.6.x < 4.6.4 Multiple Vulnerabilities

Binary data 9538.prm...

Edmodo BB#1 - Persistent Input Validation Vulnerability

Document Title: =============== Edmodo BB1 - Persistent Input Validation Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1921 Release Date: ============= 2016-08-21 Vulnerability Laboratory ID VL-ID: ==================================== 192...

Cisco Smart Call Home Transport Gateway Cross-Site Scripting Vulnerability

A vulnerability in the web framework of the Cisco Smart Call Home Transport Gateway could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this...

ISPconfig v3.0.5.4p6 - Input Validation Vulnerabilities

Document Title: =============== ISPconfig v3.0.5.4p6 - Input Validation Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1909 Release Date: ============= 2016-08-16 Vulnerability Laboratory ID VL-ID: ==================================== 19...

Cisco IP Phone 8800 Series XSS Vulnerability (cisco-sa-20160810-ip-phone-8800)

Cisco IP Phone 8800 Series are prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if descriptio...

Fotoware Fotoweb Cross-site Scripting Vulnerability

Fotoware Fotoweb is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Iris ID IrisAccess ICU 7000-2 XSS / Cross Site Request Forgery

i? Iris ID IrisAccess ICU 7000-2 Multiple XSS and CSRF Vulnerabilities Vendor: Iris ID, Inc. Product web page: http://www.irisid.com Affected version: ICU Software: 1.00.08 ICU OS: 1.3.8 ICU File system: 1.3.8 EIF Firmware Channel 1: 1.9 EIF Firmware Channel 2: 1.9 Iris TwoPi: 1.4.5 Summary: The...

Cisco Meeting Server Persistent Cross-Site Scripting Vulnerability

A vulnerability in the web bridge that offers video via a web interface of Cisco Meeting Server Software, formerly Acano Conferencing Server, could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting XSS attack against a user of the web interface of an affected...

Microsoft Internet Explorer CVE-2016-3245 Security Bypass Vulnerability

Description Microsoft Internet Explorer is prone to a security-bypass vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. An attacker can exploit this issue to execute arbitrary script code in the context of the us...

Microsoft Internet Explorer Memory Corruption (MS16-084: CVE-2016-3242)

A memory corruption vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error while handling certain objects when processing HTML and script code. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could...

Microsoft Edge and Internet Explorer XSS Filter CVE-2016-3273 Information Disclosure Vulnerability

Description Microsoft Edge and Internet Explorer are prone to an information-disclosure vulnerability that affects the XSS Filter. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. An attacker can exploit this issue to execute...

Microsoft Internet Explorer Memory Corruption (MS16-084: CVE-2016-3240)

A memory corruption vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error while handling certain objects when processing HTML and script code. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could...

iBilling 3.7.0 Cross Site Scripting

Cross Site Scripting Stored: http://localhost/ibilling/index.php Parameters: msg, desc, account, phone, company, address, city, state, zip, tags, description, ref POST...