Filtered by vendor Ari-soft
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0161 | 1 Ari-soft | 1 Ari Fancy Lightbox | 2022-03-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting | |||||
| CVE-2020-19156 | 1 Ari-soft | 1 Ari Adminer | 2021-09-22 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) in Ari Adminer v1 allows remote attackers to execute arbitrary code via the 'Title' parameter of the 'Add New Connections' component when the 'save()' function is called. | |||||