Lucene search
K

7 matches found

OSV
OSV
added 2022/10/07 7:15 p.m.4 views

CVE-2022-41392

A cross-site scripting XSS vulnerability in TotalJS commit 8c2c8909 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website name text field under Main Settings...

5.4CVSS5.9AI score0.00632EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/10/07 12:0 a.m.4 views

PT-2022-25841 · Total.Js · Total.Js

Name of the Vulnerable Software and Affected Versions: TotalJS version 8c2c8909 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website name text field under Main Settings. Recommendations: For version...

5.4CVSS5.4AI score0.00632EPSS
Exploits1References7
CNNVD
CNNVD
added 2022/10/07 12:0 a.m.3 views

Total Avengers Totaljs Framework 跨站脚本漏洞

Total Avengers Totaljs Framework is a Javascript-based codebase for building web, desktop, service or IoT applications from Total Avengers Slovakia. The application is similar to PHPs Laravel, Pythons Django, ASP.NET MVC for building Node applications. Total Avengers A security vulnerability exis...

5.4CVSS6.1AI score0.00632EPSS
Exploits1References4
OSV
OSV
added 2022/01/26 12:15 p.m.2 views

UBUNTU-CVE-2021-44120

SPIP 4.0.0 is affected by a Cross Site Scripting XSS vulnerability in ecrire/public/interfaces.php, adding the function safehtml to the vulnerable fields. An editor is able to modify his personal information. If the editor has an article written and available, when a user goes to the public site...

5.4CVSS6AI score0.00628EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/12/22 12:0 a.m.4 views

PT-2022-11995 · Spip +2 · Spip +2

Name of the Vulnerable Software and Affected Versions: SPIP version 4.0.0 Description: The issue concerns a Cross Site Scripting XSS vulnerability in the ecrire/public/interfaces.php file, specifically affecting the "Who are you" and "Website Name" fields. An editor can modify their personal...

9.8CVSS6.6AI score0.02949EPSS
Exploits0References34
CNVD
CNVD
added 2018/05/29 12:0 a.m.3 views

Creatiwity wityCMS Cross-Site Scripting Vulnerability

Creatiwity wityCMS is a lightweight PHP-based model-view-controller-oriented content management system CMS. A cross-site scripting vulnerability exists in the 'Website's name' field on the 'Settings' page under the 'General' menu in version 0.6.1 of Creatiwity wityCMS. ' field in the 'Settings'...

4.8CVSS5.6AI score0.02178EPSS
Exploits5References1
Prion
Prion
added 2018/05/28 1:29 p.m.13 views

Cross site scripting

Stored cross-site scripting XSS vulnerability in the "Website's name" field found in the "Settings" page under the "General" menu in Creatiwity wityCMS 0.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP request to...

3.5CVSS4.7AI score0.02178EPSS
Exploits5References3Affected Software1
Rows per page
Query Builder