Check CVE Id
Check CWE Id
OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption
OX App Suite Cross Site Scripting / Command Injection
OX App Suite 7.10.5 Cross Site Scripting
OX App Suite / OX Guard SSRF / DoS / Cross Site Scripting
OX App Suite / OX Documents 7.10.3 XSS / Server-Side Request Forgery
OX App Suite 7.10.2 Cross Site Scripting / Improper Access Control
Open-Xchange OX Guard Cross Site Scripting / Signature Validation
Ox App Suite 7.8.4 / 7.8.3 XSS / CSRF / Information Disclosure
Base Soundtouch 18.1.4 Cross Site Scripting
OX App Suite 7.8.4 XSS / Privilege Management / SSRF / Traversal
Open-Xchange App Suite 7.8.1 Cross Site Scripting
Open-Xchange Server 6 / OX AppSuite Cross Site Scripting
Open-Xchange Server 6 / OX AppSuite 7.6.1 Cross Site Scripting
John de Kroon
Open-Xchange 7.6.0 XSS / SSRF / Traversal
Open-Xchange AppSuite 7.4.1 / 7.4.2 Cross Site Scripting
Open-Xchange 7.4.1 Script Insertion
Open-Xchange AppSuite Script Insertion
CVEMAP Search Results
A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0. This issue affects some unknown processing of the component Personal Profile Page. The manipulation leads to basic cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-242147.
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Saphira Saphira Connect allows Reflected XSS.This issue affects Saphira Connect: before 9.
The Ninja Forms WordPress Ninja Forms Contact Form WordPress plugin before 3.6.26 was affected by a HTML Injection security vulnerability.
The Elementor Website Builder WordPress plugin before 3.5.5 does not filter out user-controlled URLs from being loaded into the DOM. This could be used to inject rogue iframes that point to malicious URLs.
A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been classified as problematic. This affects an unknown part of the file admin/?page=user/manage_user of the component Manage User Page. The manipulation of the argument First Name/Middle Name/Last Name leads to basic cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-230361 was assigned to this vulnerability.
A vulnerability, which was classified as problematic, has been found in Abstrium Pydio Cells 4.2.0. This issue affects some unknown processing of the component Chat. The manipulation leads to basic cross site scripting. The attack may be initiated remotely. Upgrading to version 4.2.1 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-230213 was assigned to this vulnerability.
There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could render arbitrary HTML in the victim�??s browser (no stateful change made or customer data rendered).
Back to Top