映射到 CWE-79 的搜索结果 (7400)

CVE-2018-5078(发布:2018-01-03 15:29:00)NM
CVSS3.5

[原文]Online Ticket Booking has XSS via the admin/eventlist.php cast parameter.

CVE-2015-7324(发布:2017-12-27 14:29:00)NMP
CVSS4.3

[原文]Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment.

CVE-2015-7666(发布:2017-12-27 14:29:00)NMP
CVSS4.3

[原文]Multiple cross-site scripting (XSS) vulnerabilities in the (1) cp_updateMessageItem and (2) cp_deleteMessageItem functions in cp_ppp_admin_int_message_list.inc.php in the Payment Form for PayPal Pro plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the cal parameter.

CVE-2015-7667(发布:2017-12-27 14:29:00)NMP
CVSS4.3

[原文]Multiple cross-site scripting (XSS) vulnerabilities in (1) templates/admanagement/admanagement.php and (2) templates/adspot/adspot.php in the ResAds plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the page parameter.

CVE-2015-7668(发布:2017-12-27 14:29:00)NMP
CVSS4.3

[原文]Cross-site scripting (XSS) vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin before 1.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the map_id parameter.

CVE-2017-1365(发布:2017-12-27 11:29:14)NM
CVSS3.5

[原文]IBM Team Concert (RTC including IBM Rational Collaborative Lifecycle Management 4.0, 5.0., and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 126858.

首页上一页12345678下一页尾页 第3页 / 共1234页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站