23 matches found
CVE-2025-62267
Multiple cross-site scripting XSS vulnerabilities in web content template’s select structure page in Liferay Portal 7.4.3.35 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, 7.4 update 35 through update 92 allow remote attackers to inject arbitrary we...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI CCM versions prior to 3.1.0 and Nagios XI version 5.8.0, which...
CVE-2025-59995
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template page that, when visited by another user, enables the attacker to execute commands with the target's...
CVE-2025-59994
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template page that, when visited by another user, enables the attacker to execute commands with the target's...
CVE-2025-59995
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template page that, when visited by another user, enables the attacker to execute commands with the target's...
CVE-2025-59995
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template page that, when visited by another user, enables the attacker to execute commands with the target's...
CVE-2025-59994
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template page that, when visited by another user, enables the attacker to execute commands with the target's...
CVE-2025-59994
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template page that, when visited by another user, enables the attacker to execute commands with the target's...
CVE-2025-59981
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Template Definition page that, when visited by another user, enables the attacker to execute commands with the...
CVE-2025-59995 Junos Space: Template creation through Definition is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template page that, when visited by another user, enables the attacker to execute commands with the target's...
CVE-2025-59994 Junos Space: Quick Template page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template page that, when visited by another user, enables the attacker to execute commands with the target's...
CVE-2025-59994
CVE-2025-59994 affects Juniper Junos Space prior to 24.1R4, with an XSS flaw in the Quick Template page due to improper input neutralization during web page generation. An attacker can inject scripts that, when viewed by another user, may execute commands with the target’s permissions (including ...
CVE-2025-59994 Junos Space: Quick Template page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template page that, when visited by another user, enables the attacker to execute commands with the target's...
PT-2025-41431
Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 24.1R4 Description An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' issue exists in Juniper Networks Junos Space. This allows an attacker to inject script tags...
PT-2025-41417
Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 24.1R4 Description An issue exists in Juniper Networks Junos Space that allows an attacker to inject script tags into the Device Template Definition page. When another user visits this page, the...
CVE-2024-25520
RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /SysManage/sysblogtemplatenew.aspx...
RuvarOA 安全漏洞
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the id parameter of the /SysManage/sysblogtemplatenew.aspx file that lacks validation of externally entered SQL statements. An attacker can exploit this...
CVE-2022-28864
An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section. A malicious user can edit or add the templateName parameter in order to include malicious code, which is then downloaded as a .csv or .xlsx file and executed on a victim machine. Here, the...
ESONCN CMS to modify the file vulnerability-vulnerability warning-the black bar safety net
Without login you can modify the template page directly at the change at the front Desk of any of the files ! 2 0 1 3 0 2 1 9 1 3 3 5 2 6 ! 2 0 1 3 0 2 1 9 1 3 3 5 4 1 Write directly into Word. The chopper is connected ! 2 0 1 3 0 2 1 9 1 3 3 6 4 9...
Build a Niche Store v3.0 (BANS) Authentication Bypass Vulnerability
Exploit for php platform in category web applications =================================================================== Build a Niche Store v3.0 BANS Authentication Bypass Vulnerability =================================================================== + Exploit Title : Build a Niche Store v3....