14 matches found
CVE-2018-25054
A vulnerability was found in shred cilla. It has been classified as problematic. Affected is an unknown function of the file cilla-xample/src/main/webapp/WEB-INF/jsp/view/search.jsp of the component Search Handler. The manipulation of the argument details leads to cross site scripting. It is...
Apache Jackrabbit contains Cross-site Scripting
Multiple cross-site scripting XSS vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to 1 search.jsp or 2 swr.jsp...
aik.or.kr XSS vulnerability
Open Bug Bounty ID: OBB-665036 Description| Value ---|--- Affected Website:| aik.or.kr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
cherrypointunderground.com XSS vulnerability
Vulnerable URL: http://cherrypointunderground.com/search.jsp?w=%3Csvg/onload=alert/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 29.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...
bloombase.com XSS vulnerability
Vulnerable URL: https://www.bloombase.com/download/search.jsp Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 4344854 VIP website status:| No Check bloombase.com SSL connection:|...
fillin.cn XSS vulnerability
Vulnerable URL: http://fillin.cn:8080/fillinnew/web/map/search.jsp?schoolname=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown /...
Apache JackRabbit 2.0.0 - webapp XPath Injection
Title: Apache JackRabbit webapp XPath Injection Author: ADEO Security Published: 11/08/2010 Version: 2.0.0 Possible all versions Vendor: http://www.apache.org Download: http://www.apache.org/dyn/closer.cgi/jackrabbit/2.0.0/jackrabbit-2.0.0-src.zip Description: "Apache Jackrabbit is a fully...
CVE-2008-5172
CVE-2008-5172 describes multiple cross-site scripting (XSS) vulnerabilities in Yazd Forum Software 3.x . The affected components are the web pages and parameters: (1) the query parameter q to search.jsp , and (2) the message parameter msg to error.jsp and userAccount.jsp . The root cause is an in...
Unfixed XSS vulnerability at clubsnsw.com.au.tmp.anchor.net.au
Security researcher MaXWeL, has submitted on 02/06/2007 a cross-site-scripting XSS vulnerability affecting clubsnsw.com.au.tmp.anchor.net.au, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 03/06/2007. I...
CVE-2006-3313
Cross-site scripting XSS vulnerability in search.jsp in Netsoft smartNet 2.0 allows remote attackers to inject arbitrary web script or HTML via the keyWord parameter...
CVE-2006-3313
Netsoft smartNet 2.0 is affected by a cross-site scripting (XSS) vulnerability in search.jsp that allows remote attackers to inject arbitrary web script or HTML via the keyWord parameter. Affected component: search.jsp in Netsoft smartNet 2.0; root cause: unsanitized/unsafely handled keyWord inpu...
CVE-2006-3313
Cross-site scripting XSS vulnerability in search.jsp in Netsoft smartNet 2.0 allows remote attackers to inject arbitrary web script or HTML via the keyWord parameter...
PT-2006-4206 · Netsoft · Smartnet
Name of the Vulnerable Software and Affected Versions: Netsoft smartNet version 2.0 Description: The issue is related to a cross-site scripting XSS vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the keyWord parameter in the "search.jsp" file. Recommendations:...
CVE-2004-1544
CVE-2004-1544 describes a cross-site scripting (XSS) vulnerability in JSPWiki, affecting Search.jsp in JSPWiki 2.1.120-cvs and earlier. The issue allows remote attackers to execute arbitrary web script as other users via the query parameter. According to NVD metrics, the vulnerability has a low-m...