10 matches found
CVE-2024-33988 Cross-Site Scripting (XSS) vulnerability in Janobe products
Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'Attendance', 'attenddate' and...
CVE-2023-33988
CVE-2023-33988 affects SAP Enable Now components: WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704. The vulnerability stems from the absence of implemented Content-Security-Policy and X-XSS-Protection headers, enabling an unauthenticated attacker to attempt ref...
CVE-2023-33988 Cross-Site Scripting vulnerability in SAP Enable Now
In SAP Enable Now - versions WPBMANAGER 1.0, WPBMANAGERCE 10, WPBMANAGERHANA 10, ENABLENOWCONSUMPDEL 1704, the Content-Security-Policy and X-XSS-Protection response headers are not implemented, allowing an unauthenticated attacker to attempt reflected cross-site scripting, which could result in...
CVE-2022-33988
creationtimestamp| type| source ---|---|--- 2022-08-15 16:37:47+00:00| seen| https://t.me/cibsecurity/48154...
CVE-2022-33988
CVE-2022-33988 affects dproxy-nexgen (DNS proxy). The issue is the reuse of the DNS TXID from client queries, enabling an attacker who can send queries to the resolver to perform DNS cache poisoning. Exploitation status is not detailed in the provided documents; no concrete patch/version remediat...
CVE-2021-33988
creationtimestamp| type| source ---|---|--- 2021-10-19 20:33:19+00:00| seen| https://t.me/cibsecurity/30805...
CVE-2021-33988
Cross Site Scripting XSS. vulnerability exists in Microweber CMS 1.2.7 via the Login form, which could let a malicious user execute Javascript by Inserting code in the request form...
CVE-2021-33988
Cross Site Scripting XSS. vulnerability exists in Microweber CMS 1.2.7 via the Login form, which could let a malicious user execute Javascript by Inserting code in the request form...
CVE-2021-33988
Cross Site Scripting XSS. vulnerability exists in Microweber CMS 1.2.7 via the Login form, which could let a malicious user execute Javascript by Inserting code in the request form...
CVE-2021-33988
CVE-2021-33988 is a Cross-Site Scripting (XSS) vulnerability reported in Microweber CMS version 1.2.7 accessible via the Login form. The concrete details from connected sources state that an attacker could inject and execute Javascript by placing code in the login request form, enabling a client-...