Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2021-36573: Cross Site Scripting On Image Upload Via File Name · Issue #59 · liufee/cms

File Upload vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via crafted image upload.

CVE
Open in Source
#xss#vulnerability#git
CVE-2020-21219: Prevent ACME output from being interpreted as HTML. Fixes #9888 · pfsense/FreeBSD-ports@a6f443c

Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acme_certificate_edit.php page of the ACME package.

CVE-2021-39427: 188Jianzhan V 2.10 XSS vulnerability exists · Issue #4 · vtime-tech/188Jianzhan

Cross site scripting vulnerability in 188Jianzhan 2.10 allows attackers to execute arbitrary code via the username parameter to /admin/reg.php.

CVE-2021-39428: There is a vulnerability in eyuCMS v1.5.4 could cause Cross site Scripting(XSS) · Issue #14 · weng-xianhu/eyoucms

Cross Site Scripting (XSS) vulnerability in Users.php in eyoucms 1.5.4 allows remote attackers to run arbitrary code and gain escalated privilege via the filename for edit_users_head_pic.

CVE-2022-44235: VoIP simpliclty of Zed-3 is vulnerable to Cross Site Scripting (XSS) · Issue #1 · liong007/Zed-3

Beijing Zed-3 Technologies Co.,Ltd VoIP simpliclty ASG 8.5.0.17807 (20181130-16:12) is vulnerable to Cross Site Scripting (XSS).

CVE-2022-45033: cve-request/cve-poc-payload at main · cyb3r-n3rd/cve-request

A cross-site scripting (XSS) vulnerability in Expense Tracker 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Chat text field.

CVE-2020-20589: XSS vulnerability in feehicms v2.0.8 · Issue #45 · liufee/cms

Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag.

CVE-2022-40001: Cross Site Scripting Vulnerability On Feehi CMS · Issue #65 · liufee/cms

Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page.

CVE-2022-40000: Cross Site Scripting Vulnerability On Feehi CMS · Issue #64 · liufee/cms

Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page.

CVE-2022-40002: Cross Site Scripting Vulnerability On Feehi CMS · Issue #66 · liufee/cms

Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbirtary code via the callback parameter to /cms/notify.