#xss

Cross-site Scripting (XSS) - Stored in GitHub repository autolab/autolab prior to 2.8.0.

A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the File Manager feature.

A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 through the Add Users feature.

A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature.

A Cross-Site Scripting (XSS) vulnerability exists in Webmin 1.973 via the Upload and Download feature.

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the web_exec parameter at /apply.cgi.

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the web_exec parameter at /apply.cgi.

A cross-site scripting (XSS) vulnerability at /ofcms/company-c-47 in OFCMS v1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment text box.

Insecure permissions configured in the userid parameter at /user/getuserprofile of FEBS-Security v1.0 allows attackers to access and arbitrarily modify users' personal information.

Newbee-Mall v1.0.0 was discovered to contain an arbitrary file upload via the Upload function at /admin/goods/edit.