Lucene search
K

27433 matches found

Github Security Blog
Github Security Blog
added 2022/05/14 3:40 a.m.16 views

phpMyAdmin Cross-site scripting (XSS) vulnerability in central columns feature

Cross-site scripting XSS vulnerability in dbcentralcolumns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

5.4CVSS5.5AI score0.01618EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/14 3:31 a.m.15 views

Grav CMS Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to admin/tools...

6.1CVSS5.8AI score0.03401EPSS
Exploits3References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/14 3:21 a.m.19 views

GeniXCMS Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in GeniXCMS 1.1.0 allows remote authenticated users to inject arbitrary web script or HTML via the Menu ID when adding a menu...

4.8CVSS5.4AI score0.00653EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/05/14 3:20 a.m.18 views

GHSA-P2FM-8RHJ-58FR Dolibarr Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in Dolibarr before 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php...

6.1CVSS6AI score0.86988EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2022/05/14 3:20 a.m.23 views

Dolibarr Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in Dolibarr before 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php...

6.1CVSS6AI score0.86988EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/14 3:8 a.m.11 views

Joomla! vulnerable to Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in the back end in Joomla! 1.5 through 1.5.17 allow remote attackers to inject arbitrary web script or HTML via unknown vectors related to "various administrator screens," possibly the search parameter in administrator/index.php...

4.3CVSS6AI score0.01033EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/14 3:8 a.m.20 views

Joomla! vulnerable to Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in Joomla! before 1.6.4 allow remote attackers to inject arbitrary web script or HTML via 1 the query string to the comcontact component, as demonstrated by the Itemid parameter to index.php; 2 the query string to the comcontent component, as...

4.3CVSS6AI score0.01089EPSS
Exploits2References6Affected Software1
OSV
OSV
added 2022/05/14 3:6 a.m.13 views

GHSA-994G-74GQ-5QPR XSS in baserCMS

Cross-site scripting vulnerability in baserCMS baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS5.3AI score0.00677EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/14 3:6 a.m.14 views

XSS in baserCMS

Cross-site scripting vulnerability in baserCMS baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.4AI score0.00842EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/14 3:6 a.m.17 views

XSS in baserCMS

Cross-site scripting vulnerability in baserCMS baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...

5.4CVSS6.1AI score0.00677EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/05/14 3:6 a.m.25 views

GHSA-6QJV-43MF-RGRH XSS in baserCMS

Cross-site scripting vulnerability in baserCMS baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.2AI score0.00842EPSS
Exploits0References4
OSV
OSV
added 2022/05/14 2:59 a.m.9 views

GHSA-Q9G7-PFF4-548R Gleez Cms Cross-site Scripting in Profile Page

Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting XSS vulnerability in Profile page that can result in injection of arbitrary web script or HTML via the profile page editor. The victim must navigate to the attacker's profile page to exploit this vulnerability...

5.4CVSS5.4AI score0.00653EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2022/05/14 2:59 a.m.15 views

Gleez Cms Cross-site Scripting in Profile Page

Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting XSS vulnerability in Profile page that can result in injection of arbitrary web script or HTML via the profile page editor. The victim must navigate to the attacker's profile page to exploit this vulnerability...

5.4CVSS5.9AI score0.00653EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/05/14 2:54 a.m.24 views

GHSA-QPR7-5M63-HQ2C Improper Neutralization of Input During Web Page Generation in JAMon

Multiple cross-site scripting XSS vulnerabilities in JAMon Java Application Monitor 2.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 listenertype or 2 currentlistener parameter to mondetail.jsp or ArraySQL parameter to 3 mondetail.jsp, 4 jamonadmin.jsp, 5...

4.3CVSS5.5AI score0.02232EPSS
Exploits2References9
Github Security Blog
Github Security Blog
added 2022/05/14 2:54 a.m.19 views

Improper Neutralization of Input During Web Page Generation in JAMon

Multiple cross-site scripting XSS vulnerabilities in JAMon Java Application Monitor 2.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 listenertype or 2 currentlistener parameter to mondetail.jsp or ArraySQL parameter to 3 mondetail.jsp, 4 jamonadmin.jsp, 5...

4.3CVSS4.3AI score0.02232EPSS
Exploits2References10Affected Software1
OSV
OSV
added 2022/05/14 2:51 a.m.17 views

GHSA-8699-M855-CWQF Cross-site scripting in Elasticsearch

Cross-site scripting XSS vulnerability in the CORS functionality in Elasticsearch before 1.4.0.Beta1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.4AI score0.02023EPSS
Exploits0References6
OSV
OSV
added 2022/05/14 2:46 a.m.19 views

GHSA-GW38-MXR2-RM8R Apache OpenMeetings Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the event description when creating an event...

6.1CVSS6.1AI score0.07974EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/14 2:46 a.m.24 views

Apache OpenMeetings Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the event description when creating an event...

6.1CVSS4.1AI score0.07974EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/05/14 2:46 a.m.16 views

GHSA-633W-W2PF-X84R Apache OpenMeetings Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in the SWF panel in Apache OpenMeetings before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the swf parameter...

6.1CVSS6.1AI score0.04858EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2022/05/14 2:46 a.m.23 views

Apache OpenMeetings Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in the SWF panel in Apache OpenMeetings before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the swf parameter...

6.1CVSS4.2AI score0.04858EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder