123Solar 1.8.4.5 - Cross-Site Scripting

123Solar 1.8.4.5 is vulnerable to reflected cross-site scripting XSS via the date1 parameter in detailed.php. Unsanitized user input is reflected in the response, allowing arbitrary JavaScript execution. id: CVE-2024-9007 info: name: 123Solar 1.8.4.5 - Cross-Site Scripting author: ritikchaddha...

EUVD-2024-49661

Malicious code in bioql PyPI...

CVE-2024-9007

A vulnerability classified as problematic has been found in jeanmarc77 123solar 1.8.4.5. This affects an unknown part of the file /detailed.php. The manipulation of the argument date1 leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2024-9275

A vulnerability was found in jeanmarc77 123solar up to 1.8.4.5. It has been rated as critical. This issue affects some unknown processing of the file /admin/admininvt2.php. The manipulation of the argument PROTOCOLx leads to file inclusion. The attack may be initiated remotely. The exploit has be...

CVE-2024-9275 jeanmarc77 123solar admin_invt2.php file inclusion

A vulnerability was found in jeanmarc77 123solar up to 1.8.4.5. It has been rated as critical. This issue affects some unknown processing of the file /admin/admininvt2.php. The manipulation of the argument PROTOCOLx leads to file inclusion. The attack may be initiated remotely. The exploit has be...

CVE-2024-9275 jeanmarc77 123solar admin_invt2.php file inclusion

A vulnerability was found in jeanmarc77 123solar up to 1.8.4.5. It has been rated as critical. This issue affects some unknown processing of the file /admin/admininvt2.php. The manipulation of the argument PROTOCOLx leads to file inclusion. The attack may be initiated remotely. The exploit has be...

CVE-2024-9275

CVE-2024-9275 affects jeanmarc77 123solar up to version 1.8.4.5. The vulnerability is a remote file-inclusion in /admin/admin_invt2.php caused by manipulating the PROTOCOLx parameter. Connected sources confirm remote exploitation possibility and public disclosure of the exploit. A practical worka...

123solar 安全漏洞

123Solar is a set of lightweight PHP/JS files from the individual developer Jean-Marc Louviaux. A security vulnerability exists in 123solar 1.8.4.5 and earlier versions, which stems from the parameter PROTOCOLx in the file /admin/admininvt2.php that can lead to a remote attack on the file...

PT-2024-39533 · Jeanmarc77 · 123Solar

Name of the Vulnerable Software and Affected Versions: jeanmarc77 123solar versions up to 1.8.4.5 Description: A critical issue affects the processing of the file /admin/admin invt2.php. The manipulation of the argument PROTOCOLx leads to file inclusion. This issue can be exploited remotely...

CVE-2024-9006

A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file config/configinvt1.php. The manipulation of the argument PASSOx leads to code injection. The attack may be launched remotely. The exploit has...

CVE-2024-9007

A vulnerability classified as problematic has been found in jeanmarc77 123solar 1.8.4.5. This affects an unknown part of the file /detailed.php. The manipulation of the argument date1 leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2024-9006

A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file config/configinvt1.php. The manipulation of the argument PASSOx leads to code injection. The attack may be launched remotely. The exploit has...

CVE-2024-9007

A vulnerability classified as problematic has been found in jeanmarc77 123solar 1.8.4.5. This affects an unknown part of the file /detailed.php. The manipulation of the argument date1 leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2024-9007

CVE-2024-9007 affects 123Solar 1.8.4.5. The vulnerability is a cross-site scripting issue in an unknown part of the file /detailed.php , caused by manipulation of the date1 parameter. The issue is exploitable remotely via unsanitized input reflected in the response, enabling arbitrary JavaScript ...

CVE-2024-9007 jeanmarc77 123solar detailed.php cross site scripting

A vulnerability classified as problematic has been found in jeanmarc77 123solar 1.8.4.5. This affects an unknown part of the file /detailed.php. The manipulation of the argument date1 leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2024-9007 jeanmarc77 123solar detailed.php cross site scripting

A vulnerability classified as problematic has been found in jeanmarc77 123solar 1.8.4.5. This affects an unknown part of the file /detailed.php. The manipulation of the argument date1 leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2024-9006 jeanmarc77 123solar config_invt1.php code injection

A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file config/configinvt1.php. The manipulation of the argument PASSOx leads to code injection. The attack may be launched remotely. The exploit has...

CVE-2024-9006 jeanmarc77 123solar config_invt1.php code injection

A vulnerability was found in jeanmarc77 123solar 1.8.4.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file config/configinvt1.php. The manipulation of the argument PASSOx leads to code injection. The attack may be launched remotely. The exploit has...

CVE-2024-9006

CVE-2024-9006 affects jeanmarc77 123solar version 1.8.4.5. The vulnerability resides in the file config/config_invt1.php, where manipulation of the PASSOx argument enables code injection. Exploitation is described as remotely possible, with public disclosure of the exploit. The patch identified i...

123Solar 跨站脚本漏洞

123Solar is a set of lightweight PHP/JS files from the individual developer Jean-Marc Louviaux. A cross-site scripting vulnerability exists in 123Solar version 1.8.4.5, which stems from the fact that the parameter date1 in the file /detailed.php causes cross-site scripting...