Security
Headlines
HeadlinesLatestCVEs

Tag

#java

CVE-2023-43346: GitHub - sromanhu/CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend: Quick CMS 6.7 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a

Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Backend - Dashboard parameter in the Languages Menu component.

CVE
Open in Source
#xss#vulnerability#web#git#java#auth
CVE-2023-43355: GitHub - sromanhu/CVE-2023-43355-CMSmadesimple-Reflected-XSS---Add-user: Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted sc

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component.

CVE-2023-43354: GitHub - sromanhu/CVE-2023-43354-CMSmadesimple-Stored-XSS---MicroTIny-extension: Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a cr

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profiles parameter in the Extensions -MicroTiny WYSIWYG editor component.

CVE-2023-43357: GitHub - sromanhu/CVE-2023-43357-CMSmadesimple-Stored-XSS---Shortcut: Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted scrip

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the Manage Shortcuts component.

CVE-2023-43356: GitHub - sromanhu/CVE-2023-43356-CMSmadesimple-Stored-XSS---Global-Settings: Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafte

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Global Meatadata parameter in the Global Settings Menu component.

CVE-2023-43353: GitHub - sromanhu/CVE-2023-43353-CMSmadesimple-Stored-XSS---News---Extra: Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted s

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component.

New Windows Infostealer ‘ExelaStealer’ Being Sold on Dark Web

By Waqas Another day, another malware threat against Windows devices and users! This is a post from HackRead.com Read the original post: New Windows Infostealer ‘ExelaStealer’ Being Sold on Dark Web

CVE-2023-3933: GitHub - BlackFan/client-side-prototype-pollution: Prototype Pollution and useful Script Gadgets

The Your Journey theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

Red Hat Security Advisory 2023-5929-01

Red Hat Security Advisory 2023-5929-01 - An update for tomcat is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.