8 matches found
Code injection
DOM XSS in microweber ver 1.2.15 in GitHub repository microweber/microweber prior to 1.2.16. inject arbitrary js code, deface website, steal cookie...
Hotel And Lodge Management System 1.0 - 'Customer Details' Stored XSS
Exploit Title: Hotel And Lodge Management System 1.0 - 'Customer Details' Stored XSS Exploit Author: Jitendra Kumar Tripathi Vendor Homepage: https://www.sourcecodester.com/php/13707/hotel-and-lodge-management-system.html Software Link:...
CVE-2020-29233
WonderCMS 3.1.3 is affected by cross-site scripting XSS in the Page description component. This vulnerability can allow an attacker to inject the XSS payload in the Page description and each time any user will visits the website, the XSS triggers and attacker can steal the cookie according to the...
Cross site scripting
An issue was discovered on Moxa AWK-3121 1.14 devices. The session cookie "Password508" does not have an HttpOnly flag. This allows an attacker who is able to execute a cross-site scripting attack to steal the cookie very easily...
Ganesha Digital Library Multiple SQLi and XSS Vulnerabilities
Ganesha Digital Library is prone to multiple SQL injection SQLi and cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...
11in1 CMS 1.2.1 - index.php?class Traversal Local File Inclusion
11in1 CMS 1.2.1 - index.php?class Traversal Local File Inclusion source: https://www.securityfocus.com/bid/52025/info 11in1 is prone to a cross-site request-forgery and a local file include vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
dotProject Multiple XSS and SQLi Vulnerabilities
dotProject is prone to multiple cross-site scripting CSS and SQL injection SQLi vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
Looking Glass - Cross-Site Scripting
Looking Glass - Cross-Site Scripting source: https://www.securityfocus.com/bid/14680/info Looking Glass is prone to a cross-site scripting vulnerability. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the software. Other attacks are also...