SAP Solution Manager Incident Management Work Center Cross-Site Scripting Vulnerability

SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...

Google Chrome interstitials command execution vulnerability

Google Chrome is a web browser developed by Google Inc. interstitials is one of the pop-up ads plug-ins. A security vulnerability exists in interstitials in Google Chrome, which stems from the program failing to properly validate user-submitted input. The vulnerability can be exploited by a remot...

CVE-2018-1000154

Zammad GmbH Zammad version 2.3.0 and earlier contains a Improper Neutralization of Script-Related HTML Tags in a Web Page CWE-80 vulnerability in the subject of emails which are not html quoted in certain cases. This can result in the embedding and execution of java script code on users browser...

Cacti cross-site scripting vulnerability (CNVD-2018-08317)

Cacti is based on PHP, MySQL, SNMP and RRDTool developed a set of graphical analysis of network traffic monitoring tools . Cacti suffers from a cross-site scripting vulnerability, which is caused by failing to properly filter HTML code from user-supplied input before displaying it, and can be...

CA API Developer Portal Cross-Site Scripting Vulnerability (CNVD-2018-06884)

CA API Developer Portal is a set of CA's API Application Programming Interface query function for software developers. A cross-site scripting vulnerability exists in the widgetID variable in CA API Developer Portal, which stems from the program failing to properly filter user-submitted HTML code....

CA API Developer Portal Cross-Site Scripting Vulnerability

CA API Developer Portal is a set of CA's API Application Programming Interface query function for software developers. A cross-site scripting vulnerability exists in the profile picture handling in CA API Developer Portal, which stems from the program failing to properly filter user-submitted HTM...

Safari vulnerable to script injection

Overview Safari provided by Apple Inc. contains a script injection vulnerability CWE-81 in the processing of displaying an error page when it fails to verify server certificates. In an error page Safari displays when it fails to verify server certificates, a domain name of the website accessed is...

CA API Developer Portal Cross-Site Scripting Vulnerability

CA API Developer Portal is a set of CA's API Application Programming Interface query function for software developers. A cross-site scripting vulnerability exists in the profile picture handling in CA API Developer Portal versions 3.5 through 3.5 CR6, which stems from the program failing to...

SAP Business Objects Business Intelligence Platform Cross-Site Scripting Vulnerability

SAP Business Objects Business Intelligence Platform is a set of business intelligence software and enterprise performance management platform from SAP. The platform provides reporting, performance management and data base functions. A cross-site scripting vulnerability exists in SAP Business...

canhovinhomes-saigon.com XSS vulnerability

Open Bug Bounty ID: OBB-587404 Description| Value ---|--- Affected Website:| canhovinhomes-saigon.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

McAfee ePolicy Orchestrator Directory Traversal and Cross-Site Scripting Vulnerability

McAfee ePolicy Orchestrator ePO is an industry-leading systems security management solution that helps organizations effectively defend against a wide range of malicious threats and attacks. Directory traversal and cross-site scripting vulnerabilities exist in McAfee ePolicy Orchestrator versions...

SAP NetWeaver RunTime Cross-Site Scripting Vulnerability

SAP NetWeaver RunTime is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A cross-site scripting vulnerability exists in SAP NetWeaver RunTime, which arises from the program's...

Eramba Cross-Site Scripting Vulnerability (CNVD-2018-06086)

Eramba is an open source, enterprise-level IT governance application from Eramba UK. The program features IT security, compliance auditing and analysis, and more. A cross-site scripting vulnerability exists in the error page of the CSV file inclusion tab of /importTool/preview URI in Eramba e...

QQQ SYSTEMS vulnerable to cross-site scripting

Overview QQQ SYSTEMS provided by Gundam Cult QQQ is a CGI script to create quiz pages. quiz.cgi of QQQ SYSTEMS contains a cross-site scripting vulnerability CWE-79. When a user accesses a malicious page and is redirected to a page created with the product, an arbitrary script may be executed on t...

Cisco Identity Services Engine Cross-Site Scripting Vulnerability (CNVD-2018-06462)

Cisco Identity Services Engine ISE is an identity-based environment awareness platform ISE Identity Services Engine from Cisco. The platform collects real-time information from the network, users and devices, and develops and enforces policies to regulate the network. A cross-site scripting...

Multiple Cross-Site Scripting Vulnerabilities in SAP BI Launchpad

SAP BI Launchpad is the gateway to BO4.0, BO4.0 SAP BusinessObjects a German company SAP SAP provides a wide range of business intelligence software, information management software, enterprise performance management solutions, regulatory, risk and compliance solutions. Multiple cross-site...

Cisco Data Center Analytics Framework Cross-Site Scripting Vulnerability (CNVD-2018-05306)

Cisco Data Center Analytics Framework DCAF application is a set of data center analytics frameworks from the U.S. company Cisco Cisco. A cross-site scripting vulnerability exists in the web-based management interface of the Cisco DCAF application, which stems from the program's failure to...

Cisco Prime Service Catalog Cross-Site Scripting Vulnerability (CNVD-2018-05348)

Cisco Prime Service Catalog PSC is a service catalog solution from Cisco USA that provides all IT services through a single portal. The solution supports automated ordering of a unified service catalog for computing, networking, storage, and other data center resources. A cross-site scripting...

JVN#83834277: Multiple vulnerabilities in FS010W

FS010W provided by FUJI SOFT INCORPORATED is a WiFi router. FS010W contains multiple vulnerabilities listed below. Stored cross-site scripting CWE-79 - CVE-2018-0519 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N| Base Score: 4.3 CVSS v2|...

IBM WebSphere Portal Cross-Site Scripting Vulnerability (CNVD-2018-05492 )

IBM WebSphere Portal consists of middleware, applications called portlets and development tools for building and managing secure business-to-business B2B, business-to-customer B2C and business-to-employee B2E portals. A cross-site scripting vulnerability exists in IBM WebSphere Portal, which coul...