5 matches found
EUVD-2026-17885
Multiple stored cross-site scripting XSS vulnerabilities in the submitadduser.asp endpoint of DDSN Interactive Acora CMS v10.7.1 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name and Last Name parameters...
PT-2026-29530
Multiple stored cross-site scripting XSS vulnerabilities in the submit add user.asp endpoint of DDSN Interactive Acora CMS v10.7.1 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name and Last Name parameters...
CVE-2026-29598
Multiple stored cross-site scripting XSS vulnerabilities in the submitadduser.asp endpoint of DDSN Interactive Acora CMS v10.7.1 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name and Last Name parameters...
CVE-2026-29598
Multiple stored cross-site scripting XSS vulnerabilities in the submitadduser.asp endpoint of DDSN Interactive Acora CMS v10.7.1 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the First Name and Last Name parameters...
CVE-2026-29598
CVE-2026-29598 affects DDSN Interactive Acora CMS v10.7.1, with multiple stored XSS vulnerabilities in the submit_add_user.asp endpoint. The First Name and Last Name fields are injectable, allowing an attacker to have scripts/HTML executed in the context of the victim’s browser. The CVE entry spe...