27433 matches found
phpMyAdmin Cross-site scripting (XSS) vulnerability in central columns feature
Cross-site scripting XSS vulnerability in dbcentralcolumns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...
Grav CMS Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to admin/tools...
GeniXCMS Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in GeniXCMS 1.1.0 allows remote authenticated users to inject arbitrary web script or HTML via the Menu ID when adding a menu...
GHSA-P2FM-8RHJ-58FR Dolibarr Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in Dolibarr before 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php...
Dolibarr Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in Dolibarr before 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php...
Joomla! vulnerable to Cross-site Scripting
Multiple cross-site scripting XSS vulnerabilities in the back end in Joomla! 1.5 through 1.5.17 allow remote attackers to inject arbitrary web script or HTML via unknown vectors related to "various administrator screens," possibly the search parameter in administrator/index.php...
Joomla! vulnerable to Cross-site Scripting
Multiple cross-site scripting XSS vulnerabilities in Joomla! before 1.6.4 allow remote attackers to inject arbitrary web script or HTML via 1 the query string to the comcontact component, as demonstrated by the Itemid parameter to index.php; 2 the query string to the comcontent component, as...
GHSA-994G-74GQ-5QPR XSS in baserCMS
Cross-site scripting vulnerability in baserCMS baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...
XSS in baserCMS
Cross-site scripting vulnerability in baserCMS baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
XSS in baserCMS
Cross-site scripting vulnerability in baserCMS baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors...
GHSA-6QJV-43MF-RGRH XSS in baserCMS
Cross-site scripting vulnerability in baserCMS baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
GHSA-Q9G7-PFF4-548R Gleez Cms Cross-site Scripting in Profile Page
Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting XSS vulnerability in Profile page that can result in injection of arbitrary web script or HTML via the profile page editor. The victim must navigate to the attacker's profile page to exploit this vulnerability...
Gleez Cms Cross-site Scripting in Profile Page
Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting XSS vulnerability in Profile page that can result in injection of arbitrary web script or HTML via the profile page editor. The victim must navigate to the attacker's profile page to exploit this vulnerability...
GHSA-QPR7-5M63-HQ2C Improper Neutralization of Input During Web Page Generation in JAMon
Multiple cross-site scripting XSS vulnerabilities in JAMon Java Application Monitor 2.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 listenertype or 2 currentlistener parameter to mondetail.jsp or ArraySQL parameter to 3 mondetail.jsp, 4 jamonadmin.jsp, 5...
Improper Neutralization of Input During Web Page Generation in JAMon
Multiple cross-site scripting XSS vulnerabilities in JAMon Java Application Monitor 2.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 listenertype or 2 currentlistener parameter to mondetail.jsp or ArraySQL parameter to 3 mondetail.jsp, 4 jamonadmin.jsp, 5...
GHSA-8699-M855-CWQF Cross-site scripting in Elasticsearch
Cross-site scripting XSS vulnerability in the CORS functionality in Elasticsearch before 1.4.0.Beta1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
GHSA-GW38-MXR2-RM8R Apache OpenMeetings Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the event description when creating an event...
Apache OpenMeetings Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the event description when creating an event...
GHSA-633W-W2PF-X84R Apache OpenMeetings Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in the SWF panel in Apache OpenMeetings before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the swf parameter...
Apache OpenMeetings Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in the SWF panel in Apache OpenMeetings before 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the swf parameter...