55 matches found
CVE-2026-32852
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
EUVD-2026-14521
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
CVE-2026-32852
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
CVE-2026-32852 MailEnable < 10.55 Reflected XSS via FreeBusy.aspx StartDate Parameter
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
CVE-2026-32852
MailEnable
CVE-2026-32852 MailEnable < 10.55 Reflected XSS via FreeBusy.aspx StartDate Parameter
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
CVE-2026-32852
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
PT-2026-27181
MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the StartDate parameter in...
MailEnable 跨站脚本漏洞
MailEnable is a Windows-based business email server. A cross-site scripting vulnerability exists in the MailEnable StartDate parameter, which stems from improper cleanup of the StartDate parameter in the FreeBusy.aspx form in the Webmail interface, and can be exploited by an attacker to execute...
CVE-2016-15051
Nagios XI versions prior to 5.2.4 are vulnerable to cross-site scripting XSS via the Reports interface through values from the startdate and enddate fields. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a...
CVE-2016-15051
Nagios XI versions prior to 5.2.4 are vulnerable to cross-site scripting XSS via the Reports interface through values from the startdate and enddate fields. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a...
CVE-2016-15051
Nagios XI versions prior to 5.2.4 are vulnerable to cross-site scripting XSS via the Reports interface through values from the startdate and enddate fields. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a...
CVE-2016-15051 Nagios XI < 5.2.4 XSS via Report startdate/enddate Fields
Nagios XI versions prior to 5.2.4 are vulnerable to cross-site scripting XSS via the Reports interface through values from the startdate and enddate fields. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a...
CVE-2016-15051 Nagios XI < 5.2.4 XSS via Report startdate/enddate Fields
Nagios XI versions prior to 5.2.4 are vulnerable to cross-site scripting XSS via the Reports interface through values from the startdate and enddate fields. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a...
EUVD-2021-21310
Malware in sbrugna...
EUVD-2022-37855
Malicious code in bioql PyPI...
EUVD-2022-37853
Malicious code in bioql PyPI...
EUVD-2022-37848
Malicious code in bioql PyPI...
CVE-2022-34953
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getOrderReport.php...
CVE-2022-34946
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the startDate parameter at getexpproduct.php...