** DISPUTED ** A vulnerability was found in zzdevelop lenosp up to 20230831. It has been classified as problematic. This affects an unknown part of the component Adduser Page. The manipulation of the argument username with the input alert(1) leads to cross site scripting. It is possible to...
2.4CVSS
5.7AI Score
0.0004EPSS
An arbitrary file upload vulnerability in the /user/upload component of lenosp 1.0-1.2.0 allows attackers to execute html code via a crafted JPG...
8.8CVSS
8.7AI Score
0.001EPSS
6.5CVSS
6.9AI Score
0.0005EPSS