映射到 CWE-79 的搜索结果 (7330)

CVE-2014-8957(发布:2017-10-06 18:29:00)NMP
CVSS3.5

[原文]Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 allows remote authenticated users to inject arbitrary web script or HTML via the Tasks parameter.

CVE-2015-2144(发布:2017-10-06 18:29:00)NM
CVSS3.5

[原文]Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) project name parameter to project.php; the (2) use_js parameter to user.php; the (3) use_js parameter to group.php; the (4) Description parameter to status.php; the (5) Description parameter to severity.php; the (6) Regex parameter to os.php; or the (7) Name parameter to database.php.

CVE-2015-2145(发布:2017-10-06 18:29:00)NM
CVSS3.5

[原文]Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.

CVE-2015-2148(发布:2017-10-06 18:29:00)NM
CVSS3.5

[原文]Multiple cross-site scripting (XSS) vulnerabilities in Issuetracker phpBugTracker before 1.7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.

CVE-2014-7240(发布:2017-10-06 10:29:00)NM
CVSS4.3

[原文]Cross-site scripting (XSS) vulnerability in the Easy Contact Form Solution plugin before 1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the value parameter in a master_response action to wp-admin/admin-ajax.php.

CVE-2014-8758(发布:2017-10-06 10:29:00)NM
CVSS4.3

[原文]Cross-site scripting (XSS) vulnerability in Best Gallery Albums Plugin before 3.0.70for WordPress allows remote attackers to inject arbitrary web script or HTML via the order_id parameter in the gallery_album_sorting page to wp-admin/admin.php.

首页上一页678910111213下一页尾页 第8页 / 共1222页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站