Flatboard version 3.2 suffers from a persistent cross site scripting vulnerability.
219357d7f08636e31a5e04cf4c5eacdc2e724a224d82b37b34b7040e003fe8d5Red Hat Security Advisory 2024-4057-03 - Release of OpenShift Serverless Logic 1.33.0. Issues addressed include cross site scripting and denial of service vulnerabilities.
68314117cd947ce031325efcf1691e33cd733d49701f9712ea20e953079252a1Microweber version 2.0.15 suffers from a persistent cross site scripting vulnerability.
bc5f31437cdc3b2035b17ca3b2950b4cf584eac427c398fd1c4e2f3f28b25118Premium Support Tickets For WHMCS version 1.2.10 suffers from a cross site scripting vulnerability.
0b98e620a6ee83502076b64abb1b54bea994147d96f0c0f880577b2df8b36393AEGON LIFE version 1.0 suffers from a persistent cross site scripting vulnerability.
7eceb05ddd8cbd642dccde5405d50cae94f5207cbef2af0b913bb1a391ba70acLost and Found Information System version 1.0 suffers from a reflective cross site scripting vulnerability.
075bae0f3073aeafd6f4cb516ed784fe8d11ba07aa216df25c0eb9c8235cf759Lost and Found Information System version 1.0 suffers from a persistent cross site scripting vulnerability.
df973d3074e051a08dcb9a9e07fa3df6582f74a0030c02786fb1aedfa590b1c4Carbon Forum version 5.9.0 suffers from a persistent cross site scripting vulnerability.
0275740466e4849423d62587753fa66335d2a4cb87f615eb7dc13dda378872d2XMB version 1.9.12.06 suffers from a persistent cross site scripting vulnerability.
b18b7ade8c93d26089ad547c0a84b59c6125527787f375a74692835723a66dd1Ubuntu Security Notice 6825-1 - It was discovered that the PDO driver in ADOdb was incorrectly handling string quotes. A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 16.04 LTS. It was discovered that ADOdb was incorrectly handling GET parameters in test.php. A remote attacker could possibly use this issue to execute cross-site scripting attacks. This issue only affected Ubuntu 16.04 LTS.
01e0f44081269e85a54c1d9b8ba563fa88ee4b62bc5f34527ee8158874e4e2ffRed Hat Security Advisory 2024-3781-03 - An update is now available for Red Hat Ansible Automation Platform 2.4. Issues addressed include HTTP request smuggling, buffer overflow, code execution, cross site scripting, denial of service, memory exhaustion, null pointer, and password leak vulnerabilities.
97582fd49f5e2d746ce75f2c7f0477643a47ef5538d5de3b9d00c3c7df43d95bKiuwan SAST versions prior to 2.8.2402.3, Kiuwan Local Analyzer versions prior to master.1808.p685.q13371, and Kiuwan SaaS versions prior to 2024-02-05 suffer from XML external entity injection, cross site scripting, insecure direct object reference, and various other vulnerabilities.
6af5ef942877432434cbf024cf41b29e270c93717f04c0f42c420899c400c4efSEH utnserver Pro/ProMAX and INU-100 version 20.1.22 suffers from cross site scripting, denial of service, and file disclosure vulnerabilities.
67806c2f4c3195737e32e0a53dfdc16ae12e9f9db70895d10ba1b259619c40f6Small CRM version 1.0 suffers from a cross site scripting vulnerability.
d3c65dad3d94dd12450fd90ffd20f512c45e1635bc0844b5a8f21ce0eaac14f9Northwind Demo version 1.0 suffers from persistent cross site scripting vulnerability.
be16ac3b1273454f36fe0ca68ec44bfb633b1180198ddcd594f8325e20a41718Sitefinity version 15.0 suffers from a persistent cross site scripting vulnerability.
e3828dd1dfdea72d17946ff9f4387ec885ff60da39add68c558e1ebdc4eb08baiMLog versions prior to 1.307 suffer from a persistent cross site scripting vulnerability.
41363b501e8b38ba3e267a44d4da15c2e44e3c8e7251c38bd295cdf08bd7d310ORing IAP-420 version 2.01e suffers from remote command injection and persistent cross site scripting vulnerabilities.
28abb60f6782915fe5d445adb98b15cb9953faaf9cc843956f9c44bd40922a89Ubuntu Security Notice 6787-1 - It was discovered that Jinja2 incorrectly handled certain HTML attributes that were accepted by the xmlattr filter. An attacker could use this issue to inject arbitrary HTML attribute keys and values to potentially execute a cross-site scripting attack.
5fb19612eaef3e824fef107b74a6791c85cf91717d71f96ab90d4a98e0def10eHAWKI version 1.0.0-beta.1 before commit 146967f suffers from cross site scripting, arbitrary file overwrite, and session fixation vulnerabilities.
dfca73f84c2fb3bf8edc1b2f48f75be2dbaaae19ce18c9d800d8ca4a7c98f67aUbuntu Security Notice 6788-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
2ba9114499615625ceec3aef13282d48432167a8d10e47afc3ee65f19e05d3e3Debian Linux Security Advisory 5699-1 - Multiple cross-site scripting vulnerabilities were found in Redmine, a project management web application.
8ccdf18f5aa689e7ce489e58e7238e0dea2c1e410a864ffd0488c844c3677af8Jcow Social Networking versions 14.2 up to 16.2.1 suffer from a persistent cross site scripting vulnerability.
8ff452224b5c44a006c708f69ef20ee895de407da9b77ccc1fefea5c2352b824NorthStar C2, prior to commit 7674a44 on March 11 2024, contains a vulnerability where the logs page is vulnerable to a stored cross site scripting issue. An unauthenticated user can simulate an agent registration to cause the cross site scripting attack and take over a users session. With this access, it is then possible to run a new payload on all of the NorthStar C2 compromised hosts (agents), and kill the original agent. Successfully tested against NorthStar C2 commit e7fdce148b6a81516e8aa5e5e037acd082611f73 running on Ubuntu 22.04. The agent was running on Windows 10 19045.
e5fdc1eb511aee9e0ced55911325ab4ed7c9efe59d20347fc192d3a17a7fa844CHAOS version 5.0.8 is a free and open-source Remote Administration Tool that allows generated binaries to control remote operating systems. The web application contains a remote command execution vulnerability which can be triggered by an authenticated user when generating a new executable. The web application also contains a cross site scripting vulnerability within the view of a returned command being executed on an agent.
f57ebc1eae72783c36ac9e3df7805d9879e3d1ced0b8232ea872b32518252dce
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed