CVE-2023-38973

A stored cross-site scripting XSS vulnerability in the Add Tag function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter...

Cross site scripting

A stored cross-site scripting XSS vulnerability in the Add Tag function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter...

SUSE CVE-2020-24994

Stack overflow in the parsetag function in libass/assparse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file...

Cross-site Scripting (XSS) - Stored in microweber/microweber

Description There is a reflected XSS in creating and searching tag function . where any user can execute any malicious code results in the cookie stealing or Account takeover vulnerability Steps to Produce: Go to this particular URL URL Click on live edit , Now In the tag section and select the...

GHSA-9W49-M7XH-5R39 Cross-site scripting in papermerge

Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...

Cross-site scripting in papermerge

Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...

Papermerge Cross-Site Scripting Vulnerability

Papermerge is an open source document management system DMS for archiving and retrieving digital documents. Multiple cross-site scripting vulnerabilities exist in versions prior to Papermerge 1.5.2. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...

Cross-Site Scripting (XSS)

atlas-dashboardv2 is vulnerable to cross-site scripting XSS attacks. The library does not sanitize the user input in the edit-tag function, allowing a malicious user to inject and execute arbitrary javascript...

The vulnerability of the PHP interpreter, which allows attackers to trigger a service failure or exert other effects.

The vulnerability of the exifprocessIFDTag function ext/exif/exif.c in the PHP interpreter exists due to incorrect checking of arguments for the spprintf function. Exploiting this vulnerability can allow a malicious actor to trigger a service failure memory overflow or potentially cause other...

Destoon Sql注入漏洞之3

简要描述： 过滤不严。 详细说明： 在api/js.php中 if$SERVER'QUERYSTRING' $exprise = isset$GET'tagexpires' ? intval$GET'tagexpires' : 0; $moduleid = isset$GET'moduleid' ? intval$GET'moduleid' : 0; $moduleid 3 or exit'document.write"Bad Parameter";'; $tag = $SERVER'QUERYSTRING'; $SERVER'QUERYSTRING' =...

ASPCMS 2.2.9 /admin_aspcms/_content/_Tag/AspCms_TagFun.asp SQL注入漏洞

No description provided by source...