CVE-2021-20808

Cross-site scripting vulnerability in Search screen of Movable Type Movable Type 7 r.4903 and earlier Movable Type 7 Series, Movable Type 6.8.0 and earlier Movable Type 6 Series, Movable Type Advanced 7 r.4903 and earlier Movable Type Advanced 7 Series, Movable Type Premium 1.44 and earlier, and...

Multiple cross-site scripting vulnerabilities in Movable Type

Overview Movable Type provided by Six Apart Ltd. contains multiple cross-site scripting vulnerabilities listed below. Cross-site scripting vulnerability in Search screen CWE-79 - CVE-2021-20808 Cross-site scripting vulnerability in Create screens of Entry, Page, and Content Type CWE-79 -...

CVE-2021-3339

ModernFlow before 1.3.00.208 does not constrain web-page access to members of a security group, as demonstrated by the Search Screen and the Profile Screen...

Sql injection

Library Management System 1.0 has SQL Injection via the "Search for Books" screen...

CVE-2006-4255

Cross-site scripting XSS vulnerability in horde/imp/search.php in Horde IMP H3 before 4.1.3 allows remote attackers to include arbitrary web script or HTML via multiple unspecified vectors related to folder names, as injected into the vfolderlabel form field in the IMP search screen...

CVE-2006-4255

Cross-site scripting XSS vulnerability in horde/imp/search.php in Horde IMP H3 before 4.1.3 allows remote attackers to include arbitrary web script or HTML via multiple unspecified vectors related to folder names, as injected into the vfolderlabel form field in the IMP search screen...

PT-2006-5066 · Horde · Horde Imp H3

Name of the Vulnerable Software and Affected Versions: Horde IMP H3 versions prior to 4.1.3 Description: A cross-site scripting XSS issue allows remote attackers to include arbitrary web script or HTML via multiple unspecified vectors related to folder names, as injected into the vfolder label fo...