Fortinet FortiManager and FortiAnalyzer Cross-Site Scripting Vulnerabilities

Fortinet FortiManager and Fortinet FortiAnalyzer are products of Fortinet, a centralized network security management solution; Fortinet FortiAnalyzer is a centralized network security reporting solution. Fortinet FortiManager is a centralized network security management solution; Fortinet...

Fortinet FortiManager and FortiAnalyzer Cross-Site Scripting Vulnerabilities (CNVD-2016-06377)

Fortinet FortiManager and Fortinet FortiAnalyzer are products of Fortinet, a centralized network security management solution; Fortinet FortiAnalyzer is a centralized network security reporting solution. Fortinet FortiManager is a centralized network security management solution; Fortinet...

WordPress plugin 13-moon synchronometer cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability in WordPress plugin 13-moon synchronometer version 2.1.1 allows attacker...

WordPress plugin analytics-counter cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability in the WordPress plugin analytics-counter version 3.2.0 allows attackers...

WordPress plugin border-loading-bar cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability in the WordPress plugin border-loading-bar version 1.0 allows attackers ...

WordPress bwtf-waterquality plugin cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in version 2.1 of the WordPress bwtf-waterquality plugin, which...

Tenable Network Security Tenable Nessus Cross-Site Scripting Vulnerability (CNVD-2016-06082)

Tenable Network Security Tenable Nessus is an open source vulnerability scanner from Tenable Network Security, USA. A cross-site scripting vulnerability exists in versions of Tenable Network Tenable Nessus prior to 6.8, which stems from the software failing to properly filter user-submitted input...

Multiple Vulnerabilities in Wordpress Event-Registration Plugin

WordPress is a blogging platform developed in PHP by the WordPress Software Foundation.Event-Registratio is one of the plugins for managing registrations and payments online. HTML injection vulnerability and SQL injection vulnerability exists in the Wordpress Event-Registration plugin, which can ...

WordPress Bulletproof Security plugin cross-site scripting vulnerability (CNVD-2016-05861)

WordPress is a blogging platform developed in PHP by the WordPress Software Foundation.BulletProof Security is one of the security plugins against brute force cracking. Cross-site scripting vulnerability exists in versions of the WordPress Bulletproof Security plugin prior to 0.53.4, which can be...

WordPress Brafton 'BraftonAdminPage.php' plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's suite of blogging platforms developed using the PHP language.Brafton is one of the plugins that makes it easier for users to deploy WordPress sites. A cross-site scripting vulnerability exists in the WordPress Brafton plugin version 3.3.1, which ca...

LastPass has multiple vulnerabilities

LastPass LastPass Password Manager is a free cross-platform online password management tool from LastPass, Inc. in the United States. The tool can be integrated with browsers and provides them with password management, autofill forms and other features, support for random password generation,...

Wordpress ColorWay Theme Cross-Site Scripting Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites set up on PHP and MySQL servers.ColorWay theme is one of the plug-ins that support custom themes. A cross-site scripting vulnerability exists in WordPress...

Multiple Vulnerabilities in Cube Digital Media Neoscreen

The Cube Digital Media Neoscreen is a smart display from the French company Cube Digital Media. A security vulnerability exists in Cube Digital Media Neoscreen version 4.5. An attacker can exploit this vulnerability to execute arbitrary script code in the context of an affected site, steal...

Multiple Vulnerabilities in F-Secure KEY for Desktop

F-Secure KEY for Desktop is a password manager from the Finnish company F-Secure. A security vulnerability exists in F-Secure KEY for Desktop versions 4.3.101 through 4.3.129. An attacker can exploit the vulnerability to execute arbitrary script code in the context of the affected site, steal...

Huawei ISM Professional Cross-Site Scripting Vulnerability

Huawei ISM is a suite of device management software, cloud storage management software, and network storage management software from Huawei, China.Huawei ISM Professional is the professional version of Huawei ISM. A cross-site scripting vulnerability exists in Huawei ISM Professional that...

Multiple vulnerabilities in the Huge-IT Image Gallery extension for Joomla!

Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds , site search and other features . Huge-IT Image Gallery is one of the image gallery extension plug-ins . A SQL injection vulnerability and a cross-site scripti...

Multiple Cross-Site Scripting Vulnerabilities in Zen Cart

Zen Cart is Zen Cart team developed an open source shopping cart system . Multiple cross-site scripting vulnerabilities exist in Zen Cart 1.5.4 and previous versions. An attacker can exploit this vulnerability to execute arbitrary script code, steal cookie-based authentication and launch other...

Wordpress BulletProof Security plugin cross-site scripting vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Software Foundation.BulletProof Security is one of the security plugins against brute force cracking. A cross-site scripting vulnerability exists in version 0.53.2 of the WordPress Bulletproof Security plugin. An attacker can...

LiteCart CMS 'order_id' Parameter Cross-Site Scripting Vulnerability

LiteCart CMS is a free PHP-based e-commerce content management system CMS. A cross-site scripting vulnerability exists in LiteCart CMS version 1.3.4. An attacker can exploit the vulnerability to execute arbitrary script code, steal cookie-based authentication and launch other attacks...

WordPress CloudFlare plugin has multiple cross-site scripting vulnerabilities

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language. cloudFlare is one of the CDN Content Delivery Network acceleration service plug-in. WordPress CloudFlare plugin version 1.3.20 has multiple cross-site scripting vulnerabilities. An attacker...