27433 matches found
GitLab Cross-site Scripting (CVE-2022-1190)
A cross-site scripting vulnerability exists in GitLab. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Cisco Unified Communications Manager Cross-Site Scripting Vulnerability (CNVD-2022-50630)
Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A cross-site scripting...
Zoo Management System Cross-Site Scripting Vulnerability
PHPGURUKUL Zoo Management System is a zoo management system by Phpgurukul team. A cross-site scripting vulnerability exists in Zoo Management System v1.0, which stems from a lack of checksum filtering of user-supplied data and output in the Add Category feature. The vulnerability can be exploited...
CVE-2021-37524
Cross Site Scripting XSS vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in resources/login.php...
CVE-2021-37524
Cross Site Scripting XSS vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in resources/login.php...
Cross site scripting
Cross Site Scripting XSS vulnerability in FusionPBX 4.5.26 allows remote unauthenticated users to inject arbitrary web script or HTML via an unsanitized "path" parameter in resources/login.php...
CVE-2020-19897
A reflected Cross Site Scripting XSS in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter...
Cross site scripting
A reflected Cross Site Scripting XSS in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter...
CVE-2020-19897
A reflected Cross Site Scripting XSS in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter...
QNAP FileStation Cross Site Scripting (CVE-2018-19943)
A cross site scripting vulnerability exists in QNAP FileStation. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
CVE-2022-33113
Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module...
CVE-2022-33113
CVE-2022-33113 affects Jfinal CMS v5.1.0. A cross-site scripting vulnerability allows an attacker to inject and trigger arbitrary JavaScript via a crafted payload in the keyword field of the Publish Blog module. The issue is documented across multiple feeds (including Red Hat, Veracode, CNVD and ...
CVE-2022-33113
Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the keyword text field under the publish blog module...
Haraj has cross-site scripting vulnerability
A cross-site scripting vulnerability exists in Haraj v3.7, a buying and selling platform from Haraj Saudi Arabia. The vulnerability stems from a lack of data validation filtering of user-supplied data and output in some DM components. An attacker could exploit this vulnerability to execute...
Haraj Cross-Site Scripting Vulnerability
A security vulnerability exists in Haraj v3.7, a buying and selling platform from Haraj Saudi Arabia, due to a cross-site scripting issue in the comments section of advertisements. An attacker could exploit the vulnerability to execute arbitrary Web script or HTML via a crafted POST request...
HelpDeskZ Cross-Site Scripting Vulnerability
HelpDeskZ is a PHP-based software that allows you to manage your site's support using a web-based support ticket system. Provides quality support. A cross-site scripting vulnerability exists in HelpDeskZ version v2.0.2, which stems from a lack of parameter filtering and escaping in...
WordPress Plugin Keep Backup Daily Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress plugin Keep Backup Daily version 2.0.2 and prior versions, which stems from insufficient...
WordPress Zephyr Project Manager plugin cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Sticky Popup plugin跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Sticky Popup plugin 1.2 and earlier versions have a cross-site scripting vulnerability, whi...
Cross-site Scripting in SEOmatic plugin
A cross-site scripting XSS vulnerability in the SEOmatic plugin 3.4.10 for Craft CMS 3 allows remote attackers to inject arbitrary web script via a GET to /index.php?action=seomatic/file/seo-file-link with url parameter containing the base64 encoded URL of a malicious web page / file and fileName...