CVE-2022-44390

A cross-site scripting XSS vulnerability in EyouCMS V1.5.9-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Public Security Record Number text field...

Cross site scripting

A cross-site scripting XSS vulnerability in EyouCMS V1.5.9-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Public Security Record Number text field...

CVE-2022-43342

A stored cross-site scripting XSS vulnerability in the Add function of Eramba GRC Software c2.8.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the KPI Title text field...

Cross site scripting

A stored cross-site scripting XSS vulnerability in the Add function of Eramba GRC Software c2.8.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the KPI Title text field...

CVE-2022-42786

Multiple W&T Products of the ComServer Series are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration webpage...

Design/Logic Flaw

Multiple W&T Products of the ComServer Series are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration webpage...

CVE-2022-42786

CVE-2022-42786 concerns the Wiesemann & Theis ComServer Series web interface. The vulnerability is an XSS flaw in the configuration webpage title, allowing an authenticated remote attacker to inject and execute arbitrary web scripts/HTML. The root cause is described in a few sources as an imprope...

CVE-2022-42786 Wiesemann & Theis: XSS vulnerability in web interface of the Com-Server family

Multiple W&T Products of the ComServer Series are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration webpage...

GHSA-3WMG-28V9-8HF6 Subrion CMS is vulnerable to Cross-Site Scripting (XSS)

A cross-site scripting XSS vulnerability in the /panel/fields/add component of Intelliants Subrion CMS version 4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field...

CVE-2022-43120

A cross-site scripting XSS vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field...

CVE-2022-43118

A cross-site scripting XSS vulnerability in flatCore-CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username text field...

CVE-2022-43119

A cross-site scripting XSS vulnerability in Clansphere CMS v2011.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username parameter...

CVE-2022-43121

A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...

Cross site scripting

A cross-site scripting XSS vulnerability in Clansphere CMS v2011.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username parameter...

Cross site scripting

A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...

CVE-2022-43118

Summary: CVE-2022-43118 is a cross-site scripting (XSS) vulnerability in flatCore-CMS v2.1.0 that allows an attacker to inject arbitrary web scripts or HTML via the Username field. Affected product (from provided documents): flatCore-CMS, version 2.1.0. Technical details (as stated): The vulnerab...

CVE-2022-43120

A cross-site scripting XSS vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field...

CVE-2022-43118

A cross-site scripting XSS vulnerability in flatCore-CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username text field...

Cross site scripting

A cross-site scripting XSS vulnerability in Canteen Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2022-43144

A cross-site scripting XSS vulnerability in Canteen Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...