Lucene search
K

27433 matches found

Github Security Blog
Github Security Blog
added 2022/05/17 2:37 a.m.23 views

phpMyAdmin XSS Vulnerability

Multiple cross-site scripting XSS vulnerabilities in the partition-range implementation in templates/table/structure/displaypartitions.phtml in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via crafted table parameters...

6.1CVSS6AI score0.01636EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/17 2:37 a.m.26 views

phpMyAdmin XSS Vulnerability

Cross-site scripting XSS vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment...

6.1CVSS5.9AI score0.01644EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/17 2:37 a.m.17 views

GHSA-GCVP-CWGW-WX8J phpMyAdmin XSS Vulnerability

Cross-site scripting XSS vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving a comment...

6.1CVSS6.8AI score0.01644EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/17 2:24 a.m.19 views

Apache Solr Cross-site scripting Vulnerability

Cross-site scripting XSS vulnerability in webapp/web/js/scripts/schema-browser.js in the Admin UI in Apache Solr before 5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted schema-browse URL...

6.1CVSS5.9AI score0.03318EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/05/17 2:24 a.m.33 views

GHSA-4FXW-G29W-R8MX Apache Solr Cross-site scripting Vulnerability

Cross-site scripting XSS vulnerability in webapp/web/js/scripts/schema-browser.js in the Admin UI in Apache Solr before 5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted schema-browse URL...

6.1CVSS6AI score0.03318EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/17 2:17 a.m.13 views

typo3/cms-felogin Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in the frontend plugin for the felogin system extension in TYPO3 4.2.0, 4.2.1 and 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS5.8AI score0.0105EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/17 2:17 a.m.13 views

Mayaa Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions...

4.3CVSS6.2AI score0.01263EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2022/05/17 2:17 a.m.17 views

GHSA-M3P9-C7P3-XXMP Mayaa Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in Mayaa before 1.1.23 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the default error page for the org.seasar.mayaa.impl.engine.PageNotFoundException exception and possibly other exceptions...

4.3CVSS5.7AI score0.01263EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2022/05/17 2:2 a.m.12 views

EC-CUBE XSS Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in 1 data/Smarty/templates/default/list.tpl and 2 data/Smarty/templates/default/campaign/bloc/carttag.tpl in EC-CUBE before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01937EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2022/05/17 2:2 a.m.14 views

GHSA-WGVV-5396-GGVJ EC-CUBE XSS Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in 1 data/Smarty/templates/default/list.tpl and 2 data/Smarty/templates/default/campaign/bloc/carttag.tpl in EC-CUBE before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.6AI score0.01937EPSS
Exploits0References9
OSV
OSV
added 2022/05/17 2:1 a.m.11 views

GHSA-QJMG-77XH-7MJW Loggerhead XSS via filename

Cross-site scripting XSS vulnerability in templatefunctions.py in Loggerhead before 1.18.1 allows remote authenticated users to inject arbitrary web script or HTML via a filename, which is not properly handled in a revision view...

3.5CVSS4.9AI score0.01814EPSS
Exploits0References8
OSV
OSV
added 2022/05/17 1:59 a.m.17 views

GHSA-PCHF-755W-JJ6V QooxDoo XSS in Callback Parameter

Cross-site scripting XSS vulnerability in framework/source/resource/qx/test/jsonpprimitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to inject arbitrary web script or HTML via the callback parameter...

4.3CVSS5.7AI score0.02608EPSS
Exploits1References6
OSV
OSV
added 2022/05/17 1:58 a.m.28 views

GHSA-X24Q-XWRF-66JM Improper Neutralization of Input During Web Page Generation in Google Web Toolkit

Multiple cross-site scripting XSS vulnerabilities in the JUnit files in the GWTTestCase in Google Web Toolkit GWT before 2.5.1 RC1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.5AI score0.01057EPSS
Exploits0References7
OSV
OSV
added 2022/05/17 1:55 a.m.24 views

GHSA-9HW3-4GVP-8MV5 TYPO3 Cross-site scripting (XSS) vulnerability in the click enlarge functionality

Cross-site scripting XSS vulnerability in the click enlarge functionality in TYPO3 4.3.x before 4.3.9 and 4.4.x before 4.4.5 when the caching framework is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

2.6CVSS5.4AI score0.01631EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2022/05/17 1:55 a.m.24 views

TYPO3 Cross-site scripting (XSS) vulnerability in the FORM content object

Cross-site scripting XSS vulnerability in the FORM content object in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.6AI score0.01854EPSS
Exploits0References13Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/17 1:52 a.m.7 views

Symphony CMS vulnerable to Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in Symphony CMS 2.2.3 and possibly other versions before 2.2.4 allow remote authenticated users with Author privileges to inject arbitrary web script or HTML via 1 the profile parameter to extensions/profiledevkit/content/content.profile.php, as...

3.5CVSS5.8AI score0.01866EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2022/05/17 1:49 a.m.18 views

GHSA-CMPM-JG8R-FV37 Apache Struts Multiple Cross-site Scripting Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 lastName parameter to struts2-showcase/person/editPerson.action, or the 3 clientName parameter to struts2-rest-showcase/orders...

4.3CVSS5.4AI score0.58476EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2022/05/17 1:49 a.m.23 views

Apache Struts Multiple Cross-site Scripting Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 lastName parameter to struts2-showcase/person/editPerson.action, or the 3 clientName parameter to struts2-rest-showcase/orders...

4.3CVSS6AI score0.58476EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/17 1:48 a.m.26 views

Fork CMS Multiple XSS Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the 1 type or 2 querystring parameters to private/en/error or 3 name parameter to private/en/locale/index...

4.3CVSS6AI score0.04458EPSS
Exploits2References8Affected Software1
OSV
OSV
added 2022/05/17 1:48 a.m.19 views

GHSA-J5FJ-M342-MGCM Fork CMS Multiple XSS Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the 1 type or 2 querystring parameters to private/en/error or 3 name parameter to private/en/locale/index...

4.3CVSS5.5AI score0.04458EPSS
Exploits2References8
Rows per page
Query Builder