Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-24973 | 1 Geminilabs | 1 Site Reviews | 2022-01-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Site Reviews WordPress plugin before 5.17.3 does not sanitise and escape the site-reviews parameter of the glsr_action AJAX action (available to unauthenticated and any authenticated users), allowing them to perform Cross-Site Scripting attacks against logged in admins viewing the Tool dashboard of the plugin | |||||
| CVE-2021-24964 | 1 Litespeedtech | 1 Litespeed Cache | 2022-01-08 | 2.6 LOW | 6.1 MEDIUM |
| The LiteSpeed Cache WordPress plugin before 4.4.4 does not properly verify that requests are coming from QUIC.cloud servers, allowing attackers to make requests to certain endpoints by using a specific X-Forwarded-For header value. In addition, one of the endpoint could be used to set CSS code if a setting is enabled, which will then be output in some pages without being sanitised and escaped. Combining those two issues, an unauthenticated attacker could put Cross-Site Scripting payloads in pages visited by users. | |||||
| CVE-2021-24963 | 1 Litespeedtech | 1 Litespeed Cache | 2022-01-08 | 3.5 LOW | 4.8 MEDIUM |
| The LiteSpeed Cache WordPress plugin before 4.4.4 does not escape the qc_res parameter before outputting it back in the JS code of an admin page, leading to a Reflected Cross-Site Scripting | |||||
| CVE-2021-43998 | 1 Hashicorp | 1 Vault | 2022-01-07 | 5.5 MEDIUM | 6.5 MEDIUM |
| HashiCorp Vault and Vault Enterprise 0.11.0 up to 1.7.5 and 1.8.4 templated ACL policies would always match the first-created entity alias if multiple entity aliases exist for a specified entity and mount combination, potentially resulting in incorrect policy enforcement. Fixed in Vault and Vault Enterprise 1.7.6, 1.8.5, and 1.9.0. | |||||
| CVE-2021-46072 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-07 | 3.5 LOW | 4.8 MEDIUM |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel. | |||||
| CVE-2021-46070 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-07 | 3.5 LOW | 4.8 MEDIUM |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel. | |||||
| CVE-2021-46069 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-07 | 3.5 LOW | 4.8 MEDIUM |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel. | |||||
| CVE-2021-46068 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-07 | 3.5 LOW | 4.8 MEDIUM |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. | |||||
| CVE-2021-45745 | 1 Bludit | 1 Bludit | 2022-01-07 | 3.5 LOW | 5.4 MEDIUM |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel. | |||||
| CVE-2021-45744 | 1 Bludit | 1 Bludit | 2022-01-07 | 3.5 LOW | 5.4 MEDIUM |
| A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel. | |||||
| CVE-2021-24828 | 1 Mlcalc | 1 Mortgage Calculator\/loan Calculator | 2022-01-07 | 3.5 LOW | 5.4 MEDIUM |
| The Mortgage Calculator / Loan Calculator WordPress plugin before 1.5.17 does not escape the some of the attributes of its mlcalc shortcode before outputting them, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks | |||||
| CVE-2021-24680 | 1 Wptravelengine | 1 Wp Travel Engine | 2022-01-07 | 3.5 LOW | 5.4 MEDIUM |
| The WP Travel Engine WordPress plugin before 5.3.1 does not escape the Description field in the Trip Destination/Activities/Trip Type and Pricing Category pages, allowing users with a role as low as editor to perform Stored Cross-Site Scripting attacks, even when the unfiltered_html capability is disallowed | |||||
| CVE-2021-44896 | 1 Dmproadmap Project | 1 Dmproadmap | 2022-01-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| DMP Roadmap before 3.0.4 allows XSS. | |||||
| CVE-2021-43856 | 1 Requarks | 1 Wiki.js | 2022-01-07 | 3.5 LOW | 5.4 MEDIUM |
| Wiki.js is a wiki app built on Node.js. Wiki.js 2.5.263 and earlier is vulnerable to stored cross-site scripting through non-image file uploads for file types that can be viewed directly inline in the browser. By creating a malicious file which can execute inline JS when viewed in the browser (e.g. XML files), a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the file is viewed directly by other users. The file must be opened directly by the user and will not trigger directly in a normal Wiki.js page. A patch in version 2.5.264 fixes this vulnerability by adding an optional (enabled by default) force download flag to all non-image file types, preventing the file from being viewed inline in the browser. As a workaround, disable file upload for all non-trusted users. --- Thanks to @Haxatron for reporting this vulnerability. Initially reported via https://huntr.dev/bounties/266bff09-00d9-43ca-a4bb-bb540642811f/ | |||||
| CVE-2021-45812 | 1 Nuuo | 2 Nvrsolo, Nvrsolo Firmware | 2022-01-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| NUUO Network Video Recorder NVRsolo 3.9.1 is affected by a Cross Site Scripting (XSS) vulnerability. An attacker can steal the user's session by injecting malicious JavaScript codes which leads to session hijacking. | |||||
| CVE-2021-38680 | 1 Qnap | 1 Kazoo Server | 2022-01-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Kazoo Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Kazoo Server: Kazoo Server 4.11.20 and later | |||||
| CVE-2021-40579 | 1 Online Enrollment Management System Project | 1 Online Enrollment Management System | 2022-01-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges (remote). | |||||
| CVE-2021-20164 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2022-01-07 | 4.0 MEDIUM | 4.9 MEDIUM |
| Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device. Usernames and passwords for all smb users are revealed in plaintext on the smbserver.asp page. | |||||
| CVE-2021-20162 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2022-01-07 | 4.0 MEDIUM | 4.9 MEDIUM |
| Trendnet AC2600 TEW-827DRU version 2.08B01 stores credentials in plaintext. Usernames and passwords are stored in plaintext in the config files on the device. For example, /etc/config/cameo contains the admin password in plaintext. | |||||
| CVE-2021-20163 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2022-01-07 | 4.0 MEDIUM | 4.9 MEDIUM |
| Trendnet AC2600 TEW-827DRU version 2.08B01 leaks information via the ftp web page. Usernames and passwords for all ftp users are revealed in plaintext on the ftpserver.asp page. | |||||
| CVE-2021-20156 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2022-01-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update. It is possible to manually install firmware that may be malicious in nature as there does not appear to be any signature validation done to determine if it is from a known and trusted source. This includes firmware updates that are done via the automated "check for updates" in the admin interface. If an attacker is able to masquerade as the update server, the device will not verify that the firmware updates downloaded are legitimate. | |||||
| CVE-2021-24997 | 1 Wp-guppy | 1 Wp Guppy | 2022-01-07 | 6.4 MEDIUM | 6.5 MEDIUM |
| The WP Guppy WordPress plugin before 1.3 does not have any authorisation in some of the REST API endpoints, allowing any user to call them and could lead to sensitive information disclosure, such as usernames and chats between users, as well as be able to send messages as an arbitrary user | |||||
| CVE-2021-20153 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2022-01-07 | 6.9 MEDIUM | 6.8 MEDIUM |
| Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. If enabled, the bittorrent functionality is vulnerable to a symlink attack that could lead to remote code execution on the device. If an end user inserts a flash drive with a malicious symlink on it that the bittorrent client can write downloads to, then a user is able to download arbitrary files to any desired location on the devices filesystem, which could lead to remote code execution. Example directories vulnerable to this include "config", "downloads", and "torrents", though it should be noted that "downloads" is the only vector that allows for arbitrary files to be downloaded to arbitrary locations. | |||||
| CVE-2021-20152 | 1 Trendnet | 2 Tew-827dru, Tew-827dru Firmware | 2022-01-07 | 5.8 MEDIUM | 6.5 MEDIUM |
| Trendnet AC2600 TEW-827DRU version 2.08B01 lacks proper authentication to the bittorrent functionality. If enabled, anyone is able to visit and modify settings and files via the Bittorent web client by visiting: http://192.168.10.1:9091/transmission/web/ | |||||
| CVE-2021-43853 | 1 Ajax.net Professional Project | 1 Ajax.net Professional | 2022-01-07 | 3.5 LOW | 5.4 MEDIUM |
| Ajax.NET Professional (AjaxPro) is an AJAX framework available for Microsoft ASP.NET. Affected versions of this package are vulnerable to JavaScript object injection which may result in cross site scripting when leveraged by a malicious user. The affected core relates to JavaScript object creation when parsing json input. Releases before version 21.12.22.1 are affected. A workaround exists that replaces one of the core JavaScript files embedded in the library. See the GHSA-5q7q-qqw2-hjq7 for workaround details. | |||||
| CVE-2021-35035 | 1 Zyxel | 2 Nbg6604, Nbg6604 Firmware | 2022-01-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| A cleartext storage of sensitive information vulnerability in the Zyxel NBG6604 firmware could allow a remote, authenticated attacker to obtain sensitive information from the configuration file. | |||||
| CVE-2021-45895 | 1 Netgen | 1 Tags Bundle | 2022-01-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Netgen Tags Bundle 3.4.x before 3.4.11 and 4.0.x before 4.0.15 allows XSS in the Tags Admin interface. | |||||
| CVE-2021-43855 | 1 Requarks | 1 Wiki.js | 2022-01-07 | 3.5 LOW | 5.4 MEDIUM |
| Wiki.js is a wiki app built on node.js. Wiki.js 2.5.263 and earlier is vulnerable to stored cross-site scripting through a SVG file upload made via a custom request with a fake MIME type. By creating a crafted SVG file, a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the SVG is viewed directly by other users. Scripts do not execute when loaded inside a page via normal `<img>` tags. The malicious SVG can only be uploaded by crafting a custom request to the server with a fake MIME type. A patch in version 2.5.264 fixes this vulnerability by adding an additional file extension verification check to the optional (enabled by default) SVG sanitization step to all file uploads that match the SVG mime type. As a workaround, disable file upload for all non-trusted users. | |||||
| CVE-2021-40170 | 1 Securitashome | 2 Securitashome Alarm System, Securitashome Alarm System Firmware | 2022-01-06 | 5.8 MEDIUM | 6.8 MEDIUM |
| An RF replay attack vulnerability in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BG_U-ITR-F1-BD_BL.A30.20181117, allows an attacker to trigger arbitrary system functionality by replaying previously recorded signals. This lets an adversary, among other things, disarm an armed system. | |||||
| CVE-2021-38961 | 1 Ibm | 6 Power System Ac922 \(8335-gtc\), Power System Ac922 \(8335-gtc\) Firmware, Power System Ac922 \(8335-gtg\) and 3 more | 2022-01-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM OPENBMC OP910 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 212049. | |||||
| CVE-2021-25993 | 1 Requarks | 1 Wiki.js | 2022-01-06 | 3.5 LOW | 5.4 MEDIUM |
| In Requarks wiki.js, versions 2.0.0-beta.147 to 2.5.255 are affected by Stored XSS vulnerability, where a low privileged (editor) user can upload a SVG file that contains malicious JavaScript while uploading assets in the page. That will send the JWT tokens to the attacker’s server and will lead to account takeover when accessed by the victim. | |||||
| CVE-2021-45903 | 1 Salesagility | 1 Suitecrm | 2022-01-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| A persistent cross-site scripting (XSS) issue in the web interface of SuiteCRM before 7.10.35, and 7.11.x and 7.12.x before 7.12.2, allows a remote attacker to introduce arbitrary JavaScript via attachments upload, a different vulnerability than CVE-2021-39267 and CVE-2021-39268. | |||||
| CVE-2021-45425 | 1 Safarimontage | 1 Safari Montage | 2022-01-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected Cross Site Scripting (XSS) in SAFARI Montage versions 8.3 and 8.5 allows remote attackers to execute JavaScript codes. | |||||
| CVE-2021-25990 | 1 If-me | 1 Ifme | 2022-01-06 | 3.5 LOW | 5.4 MEDIUM |
| In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable against self-stored XSS in the contacts field as it allows loading XSS payloads fetched via an iframe. | |||||
| CVE-2021-25989 | 1 If-me | 1 Ifme | 2022-01-06 | 3.5 LOW | 5.4 MEDIUM |
| In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability in the markdown editor. It can be exploited by making a victim a Leader of a group which triggers the payload for them. | |||||
| CVE-2021-25988 | 1 If-me | 1 Ifme | 2022-01-06 | 3.5 LOW | 5.4 MEDIUM |
| In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability (notifications section) which can be directly triggered by sending an ally request to the admin. | |||||
| CVE-2021-4176 | 1 Livehelperchat | 1 Live Helper Chat | 2022-01-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-4175 | 1 Livehelperchat | 1 Live Helper Chat | 2022-01-06 | 3.5 LOW | 5.4 MEDIUM |
| livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2020-20943 | 1 Qibosoft | 1 Qibosoft | 2022-01-06 | 4.3 MEDIUM | 4.3 MEDIUM |
| A Cross-Site Request Forgery (CSRF) in /member/post.php?job=postnew&step=post of Qibosoft v7 allows attackers to force victim users into arbitrarily publishing new articles via a crafted URL. | |||||
| CVE-2021-4179 | 1 Livehelperchat | 1 Live Helper Chat | 2022-01-06 | 3.5 LOW | 5.4 MEDIUM |
| livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2021-4177 | 1 Livehelperchat | 1 Live Helper Chat | 2022-01-06 | 5.0 MEDIUM | 5.3 MEDIUM |
| livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information | |||||
| CVE-2021-45539 | 1 Netgear | 24 Mr60, Mr60 Firmware, Ms60 and 21 more | 2022-01-06 | 5.2 MEDIUM | 6.8 MEDIUM |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, MR60 before 1.0.6.110, RAX20 before 1.0.2.82, RAX45 before 1.0.2.28, RAX80 before 1.0.3.106, MS60 before 1.0.6.110, RAX15 before 1.0.2.82, RAX50 before 1.0.2.28, and RAX75 before 1.0.3.106. | |||||
| CVE-2021-45603 | 1 Netgear | 36 D7800, D7800 Firmware, Ex2700 and 33 more | 2022-01-06 | 2.1 LOW | 5.5 MEDIUM |
| Certain NETGEAR devices are affected by disclosure of sensitive information. A UPnP request reveals a device's serial number, which can be used for a password reset. This affects D7800 before 1.0.1.66, EX2700 before 1.0.1.68, WN3000RPv2 before 1.0.0.90, WN3000RPv3 before 1.0.2.100, LBR1020 before 2.6.5.20, LBR20 before 2.6.5.32, R6700AX before 1.0.10.110, R7800 before 1.0.2.86, R8900 before 1.0.5.38, R9000 before 1.0.5.38, RAX10 before 1.0.10.110, RAX120v1 before 1.2.3.28, RAX120v2 before 1.2.3.28, RAX70 before 1.0.10.110, RAX78 before 1.0.10.110, XR450 before 2.3.2.130, XR500 before 2.3.2.130, and XR700 before 1.0.1.46. | |||||
| CVE-2021-24797 | 1 Tickera | 1 Tickera | 2022-01-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Tickera WordPress plugin before 3.4.8.3 does not properly sanitise and escape the Name fields of booked Events before outputting them in the Orders admin dashboard, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins. | |||||
| CVE-2021-24979 | 1 Strangerstudios | 1 Paid Memberships Pro | 2022-01-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Paid Memberships Pro WordPress plugin before 2.6.6 does not escape the s parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting | |||||
| CVE-2021-24969 | 1 Wpdownloadmanager | 1 Wordpress Download Manager | 2022-01-06 | 3.5 LOW | 5.4 MEDIUM |
| The WordPress Download Manager WordPress plugin before 3.2.22 does not sanitise and escape Template data before outputting it in various pages (such as admin dashboard and frontend). Due to the lack of authorisation and CSRF checks in the wpdm_save_template AJAX action, any authenticated users such as subscriber is able to call it and perform Cross-Site Scripting attacks | |||||
| CVE-2021-24967 | 1 Themehunk | 1 Contact Form \& Lead Form Elementor Builder | 2022-01-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.6.4 does not sanitise and escape some lead values, which could allow unauthenticated users to perform Cross-Site Scripting attacks against logged in admin viewing the inserted Leads | |||||
| CVE-2021-24980 | 1 Gwolle Guestbook Project | 1 Gwolle Guestbook | 2022-01-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Gwolle Guestbook WordPress plugin before 4.2.0 does not sanitise and escape the gwolle_gb_user_email parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in an admin page | |||||
| CVE-2021-24984 | 1 Wpfront | 1 Wpfront User Role Editor | 2022-01-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| The WPFront User Role Editor WordPress plugin before 3.2.1.11184 does not sanitise and escape the changes-saved parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting | |||||
| CVE-2021-24988 | 1 Wprssaggregator | 1 Wp Rss Aggregator | 2022-01-06 | 3.5 LOW | 5.4 MEDIUM |
| The WP RSS Aggregator WordPress plugin before 4.19.3 does not sanitise and escape data before outputting it in the System Info admin dashboard, which could lead to a Stored XSS issue due to the wprss_dismiss_addon_notice AJAX action missing authorisation and CSRF checks, allowing any authenticated users, such as subscriber to call it and set a malicious payload in the addon parameter. | |||||