Lucene search
K

27433 matches found

Check Point Advisories
Check Point Advisories
added 2022/07/11 12:0 a.m.3 views

GitLab Cross-site Scripting (CVE-2022-1190)

A cross-site scripting vulnerability exists in GitLab. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

3.5CVSS4.9AI score0.87369EPSS
Exploits0
CNVD
CNVD
added 2022/07/07 12:0 a.m.329 views

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability (CNVD-2022-50630)

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A cross-site scripting...

6.1CVSS6.4AI score0.00656EPSS
Exploits0References1
CNVD
CNVD
added 2022/07/07 12:0 a.m.22 views

Zoo Management System Cross-Site Scripting Vulnerability

PHPGURUKUL Zoo Management System is a zoo management system by Phpgurukul team. A cross-site scripting vulnerability exists in Zoo Management System v1.0, which stems from a lack of checksum filtering of user-supplied data and output in the Add Category feature. The vulnerability can be exploited...

5.4CVSS5.4AI score0.00682EPSS
Exploits2References1
NVD
NVD
added 2022/07/01 6:15 p.m.9 views

CVE-2021-37524

Cross Site Scripting XSS vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in resources/login.php...

6.1CVSS0.00709EPSS
Exploits0References2
OSV
OSV
added 2022/07/01 6:15 p.m.15 views

CVE-2021-37524

Cross Site Scripting XSS vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in resources/login.php...

6.1CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2022/07/01 6:15 p.m.12 views

Cross site scripting

Cross Site Scripting XSS vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in resources/login.php...

4.3CVSS6AI score0.00709EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/06/28 10:15 p.m.17 views

CVE-2020-19897

A reflected Cross Site Scripting XSS in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter...

6.1CVSS0.00718EPSS
Exploits1References1
Prion
Prion
added 2022/06/28 10:15 p.m.18 views

Cross site scripting

A reflected Cross Site Scripting XSS in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter...

4.3CVSS6.2AI score0.00718EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/06/28 9:19 p.m.20 views

CVE-2020-19897

A reflected Cross Site Scripting XSS in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter...

6.2AI score0.00718EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2022/06/27 12:0 a.m.6 views

QNAP FileStation Cross Site Scripting (CVE-2018-19943)

A cross site scripting vulnerability exists in QNAP FileStation. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

3.5CVSS4.9AI score0.17705EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.1 views

CVE-2022-33113

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module...

5.4CVSS6AI score0.00475EPSS
Exploits1References2
CVE
CVE
added 2022/06/23 12:44 p.m.92 views

CVE-2022-33113

CVE-2022-33113 affects Jfinal CMS v5.1.0. A cross-site scripting vulnerability allows an attacker to inject and trigger arbitrary JavaScript via a crafted payload in the keyword field of the Publish Blog module. The issue is documented across multiple feeds (including Red Hat, Veracode, CNVD and ...

5.4CVSS5.7AI score0.00475EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/06/23 12:44 p.m.42 views

CVE-2022-33113

Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module...

6AI score0.00475EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/20 12:0 a.m.23 views

Haraj has cross-site scripting vulnerability

A cross-site scripting vulnerability exists in Haraj v3.7, a buying and selling platform from Haraj Saudi Arabia. The vulnerability stems from a lack of data validation filtering of user-supplied data and output in some DM components. An attacker could exploit this vulnerability to execute...

5.4CVSS1.9AI score0.01122EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/20 12:0 a.m.25 views

Haraj Cross-Site Scripting Vulnerability

A security vulnerability exists in Haraj v3.7, a buying and selling platform from Haraj Saudi Arabia, due to a cross-site scripting issue in the comments section of advertisements. An attacker could exploit the vulnerability to execute arbitrary Web script or HTML via a crafted POST request...

5.4CVSS1.7AI score0.01122EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/15 12:0 a.m.27 views

HelpDeskZ Cross-Site Scripting Vulnerability

HelpDeskZ is a PHP-based software that allows you to manage your site's support using a web-based support ticket system. Provides quality support. A cross-site scripting vulnerability exists in HelpDeskZ version v2.0.2, which stems from a lack of parameter filtering and escaping in...

4.8CVSS5AI score0.00534EPSS
Exploits1References1
CNVD
CNVD
added 2022/06/15 12:0 a.m.21 views

WordPress Plugin Keep Backup Daily Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress plugin Keep Backup Daily version 2.0.2 and prior versions, which stems from insufficient...

6.1CVSS6AI score0.01031EPSS
Exploits0References1
CNVD
CNVD
added 2022/06/15 12:0 a.m.26 views

WordPress Zephyr Project Manager plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS6AI score0.01031EPSS
Exploits0References1
CNVD
CNVD
added 2022/06/15 12:0 a.m.18 views

WordPress Sticky Popup plugin跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Sticky Popup plugin 1.2 and earlier versions have a cross-site scripting vulnerability, whi...

5.5CVSS1.7AI score0.00526EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/06/13 12:0 a.m.37 views

Cross-site Scripting in SEOmatic plugin

A cross-site scripting XSS vulnerability in the SEOmatic plugin 3.4.10 for Craft CMS 3 allows remote attackers to inject arbitrary web script via a GET to /index.php?action=seomatic/file/seo-file-link with url parameter containing the base64 encoded URL of a malicious web page / file and fileName...

6.1CVSS3.8AI score0.01029EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder