An input neutralization vulnerability in the Server MOTD component of Crafty Controller allows a remote, unauthenticated attacker to perform stored XSS via server MOTD modification.
An input neutralization vulnerability in the Server Name form and API Key form components of Crafty Controller allows a remote, authenticated attacker to perform stored XSS via malicious form input.
An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection
An input neutralization vulnerability in the Backup Configuration component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path tr
An input neutralization vulnerability in the File Operations API Endpoint component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via
Due to improper neutralization of input during web page generation (XSS) an unauthenticated remote attacker can inject HTML code into the Web-UI in the affected device.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joni Halabi Block Controller block-controller allows Reflected XSS.This issue affects Block Contro
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability
exists impacting PLC system variables that could cause an unvalidated data injected by authen
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
vulnerability exists when an authenticated user modifies configuration parameters on the web server
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rocket Apps Notely notely allows Stored XSS.This issue affects Notely: from n/a through <= 1.8.0.
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability
exists in Certificates page on Webserver that could cause an unvalidated data injected by aut
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cookiecode CookieCode cookiecode allows Stored XSS.This issue affects CookieCode: from n/a through
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site
Scripting') vulnerability exists that could cause a vulnerability leading to a cross-site scripting
condition where att
A cross-site scripting (XSS) vulnerability exists in the LB-Link BL-CPE300M 01.01.02P42U14_06 router's web interface. The /goform/goform_get_cmd_process endpoint fails to sanitize user input in the cm
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Craft craftcoffee allows DOM-Based XSS.This issue affects Craft: from n/a through <= 2.
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ValvePress Rankie valvepress-rankie allows Reflected XSS.This issue affects Rankie: from n/a throu
Page 1+ Next →