5 matches found
CVE-2021-47922
Slider by Soliloquy 2.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the title parameter. Attackers can add JavaScript payloads in the title field when creating or editing sliders, which executes in the browsers of...
EUVD-2022-5626
Malicious code in bioql PyPI...
Alkacon Software OpenCMS 跨站脚本漏洞
Alkacon Software OpenCMS is an open source Java and XML based Content Management System CMS from Alkacon Software, Germany. The system supports template engines, WYSIWYG editors, and more. A cross-site scripting vulnerability exists in Alkacon Software OpenCMS version 16, which stems from a store...
emlog Cross-Site Scripting Vulnerability
emlog is a PHP and MySQL based CMS builder for emlog personal developers. A cross-site scripting vulnerability exists in emlog pro version v2.1.14, which originated from a vulnerability that allows attackers to execute arbitrary web script or HTML via a specially crafted payload injected into the...
CVE-2018-10752
The Tagregator plugin 0.6 for WordPress has stored XSS via the title field in an Add New action...