19 matches found
Cross-site Scripting (XSS)
Overview ci4-cms-erp/ci4ms is a composer create-project ci4-cms-erp/ci4ms Affected versions of this package are vulnerable to Cross-site Scripting XSS via the tag name field in blog tag management. An attacker can execute arbitrary JavaScript in the browsers of users, including administrators, by...
CVE-2021-33347
An issue was discovered in JPress v3.3.0 and below. There are XSS vulnerabilities in the template module and tag management module. If you log in to the background by means of weak password, the storage XSS vulnerability can occur...
EUVD-2025-34574
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix blkmqtags double free while nrrequests grown In the case user trigger tags grow by queue sysfs attribute nrrequests, hctx-schedtags will be freed directly and replaced with a new allocated tags, see blkmqtagupdatedept...
EUVD-2021-20055
Malware in sbrugna...
CVE-2024-24822
Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. Prior to version 1.3.3, an attacker can create, delete etc. tags without having the permission to do so. A fix is available in version 1.3.3. As a workaround, one may apply the patch manually...
CVE-2021-46030
There is a Cross Site Scripting attack XSS vulnerability in JavaQuarkBBS = v2. By entering specific statements into the background tag management module, the attack statement will be stored in the database, and the next victim will be attacked when he accesses the tag module...
WordPress plugin WordPress Tag, Category, and Taxonomy Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
CVE-2021-46030
There is a Cross Site Scripting attack XSS vulnerability in JavaQuarkBBS = v2. By entering specific statements into the background tag management module, the attack statement will be stored in the database, and the next victim will be attacked when he accesses the tag module...
CVE-2021-46030
There is a Cross Site Scripting attack XSS vulnerability in JavaQuarkBBS = v2. By entering specific statements into the background tag management module, the attack statement will be stored in the database, and the next victim will be attacked when he accesses the tag module...
CVE-2021-46030
There is a Cross Site Scripting attack XSS vulnerability in JavaQuarkBBS = v2. By entering specific statements into the background tag management module, the attack statement will be stored in the database, and the next victim will be attacked when he accesses the tag module...
Cross site scripting
There is a Cross Site Scripting attack XSS vulnerability in JavaQuarkBBS = v2. By entering specific statements into the background tag management module, the attack statement will be stored in the database, and the next victim will be attacked when he accesses the tag module...
CVE-2021-46030
The CVE-2021-46030 entry concerns a Cross-Site Scripting (XSS) vulnerability in JavaQuarkBBS versions up to v2. The root cause, as described across multiple connected documents, is insufficient data validation/filtering of user-supplied input in the background tag management module, allowing stor...
Netgen Tags Bundle 跨站脚本漏洞
Netgen Tags Bundle is an eZ platform package for category management and easier content categorization, providing more content tagging features than the field types included in the ezkeywordeZ distribution kernel. A security vulnerability exists in Netgen Tags Bundle, which stems from Netgen Tags...
CVE-2021-33347
An issue was discovered in JPress v3.3.0 and below. There are XSS vulnerabilities in the template module and tag management module. If you log in to the background by means of weak password, the storage XSS vulnerability can occur...
CVE-2021-33347
An issue was discovered in JPress v3.3.0 and below. There are XSS vulnerabilities in the template module and tag management module. If you log in to the background by means of weak password, the storage XSS vulnerability can occur...
Cross site scripting
An issue was discovered in JPress v3.3.0 and below. There are XSS vulnerabilities in the template module and tag management module. If you log in to the background by means of weak password, the storage XSS vulnerability can occur...
CVE-2021-33347
An issue was discovered in JPress v3.3.0 and below. There are XSS vulnerabilities in the template module and tag management module. If you log in to the background by means of weak password, the storage XSS vulnerability can occur...
JPress 跨站脚本漏洞
Jpress is a set of blogging platform developed in Java language by Jpress team. A cross-site scripting vulnerability exists in JPress v3.3.0 and below, which originates from the template module and tag management module...
SQL Injection Vulnerability in Five Fingers CMS Backend Tag Management Service
Five Fingers CMS is a professional content management system. Five Fingers CMS backend tag management system has SQL injection vulnerability, attackers can exploit the vulnerability to obtain database information...