EUVD-2021-15746

Malware in sbrugna...

CVE-2022-38198

There is a reflected cross site scripting issue in the Esri ArcGIS Server services directory versions 10.9.1 and below that may allow a remote, unauthenticated attacker to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victim’s browser...

CVE-2022-38198 BUG-000146513 - Reflected XSS vulnerability in ArcGIS Server

There is a reflected cross site scripting issue in the Esri ArcGIS Server services directory versions 10.9.1 and below that may allow a remote, unauthenticated attacker to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victim’s browser...

PT-2022-24275 · Esri · Esri Arcgis Server

Name of the Vulnerable Software and Affected Versions: Esri ArcGIS Server services directory versions 10.9.1 and below Description: The issue is a reflected cross site scripting problem that may allow a remote, unauthenticated attacker to convince a user to click on a crafted link, potentially...

CVE-2021-29105

A stored Cross Site Scripting XSS vulnerability in Esri ArcGIS Server Services Directory version 10.8.1 and below may allow a remote authenticated attacker to pass and store malicious strings in the ArcGIS Services Directory...

CVE-2021-29105

A stored Cross Site Scripting XSS vulnerability in Esri ArcGIS Server Services Directory version 10.8.1 and below may allow a remote authenticated attacker to pass and store malicious strings in the ArcGIS Services Directory...

Cross site scripting

A stored Cross Site Scripting XSS vulnerability in Esri ArcGIS Server Services Directory version 10.8.1 and below may allow a remote authenticated attacker to pass and store malicious strings in the ArcGIS Services Directory...

CVE-2021-29105 There is a stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Server Services Directory version 10.8.1 and below.

A stored Cross Site Scripting XSS vulnerability in Esri ArcGIS Server Services Directory version 10.8.1 and below may allow a remote authenticated attacker to pass and store malicious strings in the ArcGIS Services Directory...

Esri Arcgis Server 跨站脚本漏洞

Arcgis Server is the United States Esri company's a Web-oriented can be used to provide geographic location services, enterprise-class software platform. A stored cross-site scripting vulnerability exists in the Arcgis Server Services Directory, which arises from the platform not validating user...

ForceControl Technology ForceControl Web Service Directory Arbitrary File Download Vulnerability

Forcecontrol is a monitoring and configuration software, mainly used for data acquisition and monitoring control. An arbitrary file download vulnerability exists in the ForceControl Web Services directory, which can be exploited by attackers to obtain sensitive information...

aviationservicesdirectory.com Cross Site Scripting vulnerability OBB-1318118

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

UBUNTU-CVE-2018-18248

Icinga Web 2 has XSS via the /icingaweb2/monitoring/list/services dir parameter, the /icingaweb2/user/list query string, the /icingaweb2/monitoring/timeline query string, or the /icingaweb2/setup query string...

limestone.servicesdirectory.org.au XSS vulnerability

Open Bug Bounty ID: OBB-569412 Description| Value ---|--- Affected Website:| limestone.servicesdirectory.org.au Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:|...

Cisco Unified MeetingPlace Web Services Directory Cross-Site Request Forgery Vulnerability

Cisco Unified MeetingPlace conferencing solutions allow organizations to host integrated voice, video, and web conferences. A cross-site request forgery vulnerability exists in the SOAP API endpoint of the web-services directory in Cisco Unified MeetingPlace version 8.6 1.9, which can be exploite...

Cisco Unified MeetingPlace Web Services Directory SOAP API Endpoints Cross-Site Request Forgery Vulnerability

A vulnerability in the SOAP application programming interface API endpoints of the web services directory of Cisco Unified MeetingPlace could allow an unauthenticated, remote attacker to perform a cross-site request forgery CSRF attack. The vulnerability is due to insufficient CSRF protections in...