Cross-Site Scripting

This vulnerability allows an attacker to inject malicious scripts into the IP calculator feature of phpIPAM, which can then execute in the browser of anyone who visits the affected pages. To exploit this, the attacker needs to trick users into clicking on a specially crafted link that leads to the vulnerable pages.

This vulnerability allows an attacker to inject malicious scripts into the MiniCMS website, which can then be executed in the browsers of users visiting the site. It occurs when the website improperly handles input in the "date" parameter of a specific page, meaning an attacker needs to trick users into visiting a specially crafted link to exploit it.

An attacker can inject and run malicious scripts in a user's browser when they visit a specific page on the webpagetest site, potentially stealing sensitive information or manipulating the user's session. This occurs because the site does not properly filter user input, allowing harmful code to be executed if a user is tricked into clicking a specially crafted link.

An attacker can inject and run malicious scripts in a user's browser when they visit a specific page on a vulnerable webpagetest site. This happens because the site doesn't properly filter user input for a color setting, allowing the attacker to manipulate the page's content if they can trick someone into visiting a crafted link.

This vulnerability allows an attacker to inject malicious scripts into a web page, which could then be executed in the browser of anyone visiting the affected site. It occurs when a user accesses the installation page with a specially crafted URL, making it possible for the attacker to manipulate the content displayed to users.