Search Results (Refine Search)
- Keyword (text search): xss
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-17993 |
Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request. Published: December 29, 2017; 11:29:00 PM -0500 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2017-17991 |
Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request. Published: December 29, 2017; 11:29:00 PM -0500 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2017-17989 |
Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action. Published: December 29, 2017; 11:29:00 PM -0500 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2017-17988 |
PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/event_add.php event_title parameter. Published: December 29, 2017; 11:29:00 PM -0500 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2017-17986 |
PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/caste_view.php comm_id parameter. Published: December 29, 2017; 11:29:00 PM -0500 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2017-17985 |
PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/state_view.php cou_id parameter. Published: December 29, 2017; 11:29:00 PM -0500 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2017-17984 |
PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/event_edit.php edit_id parameter. Published: December 29, 2017; 11:29:00 PM -0500 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2017-17981 |
PHP Scripts Mall Muslim Matrimonial Script has XSS via the admin/slider_edit.php edit_id parameter. Published: December 29, 2017; 11:29:00 PM -0500 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2017-17971 |
The test_sql_and_script_inject function in htdocs/main.inc.php in Dolibarr ERP/CRM 6.0.4 blocks some event attributes but neither onclick nor onscroll, which allows XSS. Published: December 29, 2017; 1:29:00 PM -0500 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-17933 |
cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter. Published: December 29, 2017; 1:29:00 PM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-17958 |
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the my_wishlist.php fid parameter. Published: December 28, 2017; 1:29:00 PM -0500 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-17956 |
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the admin/sellerupd.php companyname parameter. Published: December 28, 2017; 1:29:00 PM -0500 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-17955 |
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the shopping-cart.php cusid parameter. Published: December 28, 2017; 1:29:00 PM -0500 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-17954 |
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the seller-view.php usid parameter. Published: December 28, 2017; 1:29:00 PM -0500 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-17953 |
PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the category.php chid1 parameter. Published: December 28, 2017; 1:29:00 PM -0500 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-17949 |
Cells Blog 3.5 has XSS via the pub_readpost.php fmid parameter. Published: December 28, 2017; 1:29:00 PM -0500 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-17948 |
Cells Blog 3.5 has XSS via the jfdname parameter in an act=showpic request. Published: December 28, 2017; 1:29:00 PM -0500 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-17940 |
PHP Scripts Mall Single Theater Booking has XSS via the title parameter to admin/sitesettings.php. Published: December 28, 2017; 1:29:00 AM -0500 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2017-17938 |
PHP Scripts Mall Single Theater Booking has XSS via the admin/viewtheatre.php theatreid parameter. Published: December 28, 2017; 1:29:00 AM -0500 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2017-17937 |
Vanguard Marketplace Digital Products PHP has XSS via the phps_query parameter to /search. Published: December 28, 2017; 1:29:00 AM -0500 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |