5210 matches found
CVE-2022-40088
Simple College Website v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the component /collegewebsite/index.php?page=. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the page parameter...
Cross site scripting
A cross-site scripting XSS vulnerability in Liferay Portal v7.3.3 through v7.4.2 and Liferay DXP v7.3 before service pack 3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name of a tag...
CVE-2022-28980
Multiple cross-site scripting XSS vulnerabilities in Liferay Portal v7.4.3.4 and Liferay DXP v7.4 GA allows attackers to execute arbitrary web scripts or HTML via parameters with the filter prefix...
CVE-2022-28982
A cross-site scripting XSS vulnerability in Liferay Portal v7.3.3 through v7.4.2 and Liferay DXP v7.3 before service pack 3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name of a tag...
CVE-2022-28979
Liferay Portal v7.1.0 through v7.4.2 and Liferay DXP 7.1 before fix pack 26, 7.2 before fix pack 15, and 7.3 before service pack 3 was discovered to contain a cross-site scripting XSS vulnerability in the Portal Search module's Custom Facet widget. This vulnerability allows attackers to execute...
CVE-2022-40027
SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component newTask.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the shortName parameter...
CVE-2022-40028
SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullName parameter...
CVE-2022-40028
SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullName parameter...
CVE-2022-40027
SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component newTask.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the shortName parameter...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the /weibo/list component of Jeesns v2.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2022-38339
Safe Software FME Server v2021.2.5, v2022.0.0.2 and below contains a cross-site scripting XSS vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the login page...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...
CVE-2022-38814
A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...
PT-2022-24581 · Fiberhome · Fiberhome An5506-02-B
Name of the Vulnerable Software and Affected Versions: FiberHome AN5506-02-B version vRP2521 Description: A stored cross-site scripting XSS issue in the auth settings component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfg loid text field...
CVE-2022-38295
Cuppa CMS v1.0 was discovered to contain a cross-site scripting vulnerability at /tablemanager/view/cuusergroups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Add New Group function...
Cross site scripting
SLiMS Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting XSS vulnerability via the Search function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search bar...
Cross site scripting
Cuppa CMS v1.0 was discovered to contain a cross-site scripting vulnerability at /tablemanager/view/cuusergroups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Add New Group function...
CVE-2022-38295
Cuppa CMS v1.0 was discovered to contain a cross-site scripting vulnerability at /tablemanager/view/cuusergroups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field under the Add New Group function...
PT-2022-24343 · Unknown · Slims Senayan Library Management System
Name of the Vulnerable Software and Affected Versions: SLiMS Senayan Library Management System version 9.4.2 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search function. This enables the execution of malicious code on th...
CVE-2022-38639
A cross-site scripting XSS vulnerability in Markdown-Nice v1.8.22 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Community Posting field...