CVE-2017-7205

A Cross-Site Scripting XSS was discovered in GamePanelX-V3 3.0.12. The vulnerability exists due to insufficient filtration of user-supplied data a passed to the "GamePanelX-V3-master/ajax/ajax.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the...

CVE-2017-7203

A Cross-Site Scripting XSS was discovered in ZoneMinder before 1.30.2. The vulnerability exists due to insufficient filtration of user-supplied data postLoginQuery passed to the "ZoneMinder-master/web/skins/classic/views/js/postlogin.js.php" URL. An attacker could execute arbitrary HTML and scrip...

CVE-2017-7204

A Cross-Site Scripting XSS was discovered in imdbphp 5.1.1. The vulnerability exists due to insufficient filtration of user-supplied data name passed to the "imdbphp-master/demo/search.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable...

Moodle 3.2.x < 3.2.2 Multiple Vulnerabilities

Binary data 700011.prm...

F-Secure Anti-Virus Remote Code Execution Vulnerability

F-Secure is an antivirus program developed by a Finnish company. A remote code execution vulnerability exists in F-Secure Anti-Virus. An attacker could exploit the vulnerability to execute arbitrary script code in the environment of a system account...

Cisco UCS Director Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation ...

Cisco Prime Service Catalog Multiple Cross-Site Scripting Vulnerabilities

A vulnerability in the web framework code of the Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input validation of some...

CVE-2017-6906

An issue was discovered in SiberianCMS before 4.10.0. The vulnerability exists due to insufficient filtration of user-supplied data log passed to the "SiberianCMS-master/errors/500.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable...

CVE-2017-6907

An issue was discovered in Open.GL before 2017-03-13. The vulnerability exists due to insufficient filtration of user-supplied data content passed to the "Open.GL-master/index.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website...

Authorization

An issue was discovered in Open.GL before 2017-03-13. The vulnerability exists due to insufficient filtration of user-supplied data content passed to the "Open.GL-master/index.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website...

Authorization

An issue was discovered in SiberianCMS before 4.10.0. The vulnerability exists due to insufficient filtration of user-supplied data log passed to the "SiberianCMS-master/errors/500.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable...

CVE-2017-6906

An issue was discovered in SiberianCMS before 4.10.0. The vulnerability exists due to insufficient filtration of user-supplied data log passed to the "SiberianCMS-master/errors/500.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable...

CVE-2017-6908

An issue was discovered in concrete5 = 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data fID passed to the "concrete5-legacy-master/web/concrete/tools/files/selectordata.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the...

MantisBT 2.2.x < 2.2.1 Multiple XSS

Binary data 700004.prm...

Microsoft Edge CVE-2017-0069 Spoofing Vulnerability

Description Microsoft Edge is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Edge...

Microsoft Internet Explorer and Edge CVE-2017-0033 Spoofing Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected...

Microsoft SharePoint CVE-2017-0107 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

Microsoft Internet Explorer and Edge CVE-2017-0012 Spoofing Vulnerability

Description Microsoft Internet Explorer and Edge are prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected...

Cross site scripting

Multiple Cross-Site Scripting XSS issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data benchmark, url passed to the webpagetest-master/www/benchmarks/trendurl.php URL. An attacker could execute arbitrary HTML and script code in ...

Cross site scripting

Multiple Cross-Site Scripting XSS issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data configs passed to the webpagetest-master/www/benchmarks/compare.php URL. An attacker could execute arbitrary HTML and script code in a browse...