Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

GHSA-x2ph-qqwm-9cc6: CleverTap Cordova plugin vulnerable to Cross-site Scripting

CleverTap Cordova Plugin version 2.6.2 allows a remote attacker to execute JavaScript code in any application that is opened via a specially constructed deeplink by an attacker. This is possible because the plugin does not correctly validate the data coming from the deeplinks before using them.

ghsa
#xss#nodejs#git#java
CVE-2023-3681: cve_hub/Retro Cellphone Online Store - vlun 8.pdf at main · E1CHO/cve_hub

A vulnerability classified as problematic was found in Campcodes Retro Cellphone Online Store 1.0. This vulnerability affects unknown code of the file /admin/modal_add_product.php. The manipulation of the argument description leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-234226 is the identifier assigned to this vulnerability.

CVE-2023-38350: Fix XSS in AJAX controller for basket by martialblog · Pull Request #16 · pnp4nagios/pnp4nagios

PNP4Nagios through 81ebfc5 has stored XSS in the AJAX controller via the basket API and filters. This affects 0.6.26.

CVE-2023-37224: Archer Update for Multiple Vulnerabilities

An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via the log files.

CVE-2023-36119: NVD - CVE-2023-0527

File upload vulnerability in PHPGurukul Online Security Guards Hiring System v.1.0 allows a remote attacker to execute arbitrary code via a crafted php file to the \osghs\admin\images file.

BloodBank 1.0 Cross Site Scripting

BloodBank version 1.0 suffers from a cross site scripting vulnerability.

Blogator 0.93 Cross Site Scripting

Blogator version 0.93 suffers from a cross site scripting vulnerability.

Bigware Shop 2.3 Cross Site Scripting

Bigware Shop version 2.3 suffers from a cross site scripting vulnerability.

Bazaar Social Listing Shopping Web PHP Template 2.3.2 Cross Site Scripting

Bazaar Social Listing Shopping Web PHP Template version 2.3.2 suffers from a cross site scripting vulnerability.