5 matches found
CVE-2021-24514
The Visual Form Builder WordPress plugin before 3.0.4 does not sanitise or escape its Form Name, allowing high privilege users such as admin to set Cross-Site Scripting payload in them, even when the unfilteredhtml capability is disallowed...
CVE-2021-40840
A Stored XSS issue exists in the admin/users user administration form in LiveConfig 2.12.2...
LiveConfig 跨站脚本漏洞
LiveConfig is a control panel software from the German company LiveConfig. It is used to simplify server configuration and ensure reliable and secure operation. A security vulnerability exists in LiveConfig version 2.12.2, which stems from an XSS issue in the admin/users user management form...
Cyber Cafe Management System SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Cyber Cafe Management System - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in index.php/users/form/userid in MyClientBase 0.12 allow remote attackers to inject arbitrary web script or HTML via the 1 firstname or 2 lastname parameters...