6722 matches found
SoftCOM iKSORIS 跨站脚本漏洞
SoftCOM iKSORIS is an application from SoftCOM, Inc. A cross-site scripting vulnerability exists in SoftCOM iKSORIS versions prior to 79.0, which stems from a reflective cross-site scripting attack that could lead to malicious script execution...
SoftCOM iKSORIS 跨站脚本漏洞
SoftCOM iKSORIS is an application from SoftCOM, Inc. A cross-site scripting vulnerability exists in SoftCOM iKSORIS versions prior to 79.0, which stems from a reflective cross-site scripting attack that could lead to malicious script execution...
SoftCOM iKSORIS 跨站脚本漏洞
SoftCOM iKSORIS is an application from SoftCOM, Inc. A cross-site scripting vulnerability exists in SoftCOM iKSORIS versions prior to 79.0, which stems from a reflective cross-site scripting attack that could lead to malicious script execution...
CVE-2025-27084
A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting XSS attack. Successful exploitation could enable the attacker to execute arbitrary script code in the victim's browser within the...
IBM Sterling Control Center 跨站脚本漏洞
IBM Sterling Control Center is an application system from International Business Machines IBM. A centralized monitoring and management system. IBM Sterling Control Center suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping o...
Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)
Exploit Title: Anchor CMS 0.12.7 - Stored Cross Site Scripting XSS Date: 04/28/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://anchorcms.com/ Software Link: https://github.com/anchorcms/anchor-cms/archive/refs/tags/0.12.7.zip Version: latest Tested on: MacOS Log in to Anchor CMS...
phpIPAM cross-site scripting vulnerability (CNVD-2025-06929)
phpIPAM is phpIPAM open source set of open source PHP and MySQL based IP address management application IPAM. phpIPAM suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an...
ForestBlog keywords parameter cross-site scripting vulnerability
ForestBlog is a blogging system. A cross-site scripting vulnerability exists in ForestBlog 20250321 and earlier versions, which stems from the lack of effective filtering and escaping of user-supplied data by the parameter keywords, and can be exploited by an attacker to execute arbitrary Web...
CVE-2025-30292
CVE-2025-30292 affects Adobe ColdFusion: versions 2023.12, 2021.18, 2025.0 and earlier are vulnerable to a reflected Cross-Site Scripting (XSS) issue. If a victim is convinced to visit a URL referencing a vulnerable page, malicious JavaScript can execute in the user’s browser context, potentially...
Hewlett Packard Enterprise AOS(HPE AOS) 安全漏洞
Hewlett Packard Enterprise AOS HPE AOS is a network operating system for data centers, campuses, and edges from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise AOS HPE AOS that stems from a reflective cross-site scripting vulnerability that allows an...
CVE-2024-46494
A cross-site scripting XSS vulnerability in Typecho v1.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into Name parameter under a comment for an Article...
CVE-2024-46494
A cross-site scripting XSS vulnerability in Typecho v1.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into Name parameter under a comment for an Article...
CVE-2025-3087
Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...
CVE-2025-2159
Stored XSS in Desktop UI in M-Files Server Admin tool before version 25.3.14681.7 on Windows allows authenticated local user to run scripts via UI...
RHEL 9 : libreoffice (RHSA-2025:3408)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3408 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a...
RHEL 7 : libreoffice (RHSA-2025:3390)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3390 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a...
RHEL 9 : libreoffice (RHSA-2025:3550)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3550 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a...
RHEL 9 : libreoffice (RHSA-2025:3548)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3548 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a...
CVE-2025-3087 Stored XSS Vulnerability in M-Files Web
Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...
CVE-2025-3087
CVE-2025-3087 concerns a stored XSS in M-Files Web. Affected are M-Files Web versions 25.1.14445.5 through 25.2.14524.4. The issue arises from stored cross-site scripting that can be triggered by an authenticated user who can run scripts. Documented impact is that scripts may be executed in the u...