17 matches found
CVE-2026-41962
Permission control vulnerability in the app management and control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-41962
Technical details about CVE-2026-41962 (affected products, components, impact specifics, and remediation) are not publicly available in the provided documents. Monitor for updates from Huawei/NVD CVE feeds.
CVE-2021-41962
Cross Site Scripting XSS vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Owner fullname parameter in a Send Service Request in vehicleservice...
CVE-2023-41962
Cross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script in the page...
CVE-2024-41962
creationtimestamp| type| source ---|---|--- 2024-08-01 19:36:31+00:00| seen| https://t.me/cvedetector/2254...
CVE-2024-41962 Bostr Improper Authorization
Bostr is an nostr relay aggregator proxy that acts like a regular nostr relay. bostr let everyone in even having authorizedkeys being set when noscraper is set to true. This vulnerability is fixed in 3.0.10...
CVE-2024-41962 Bostr Improper Authorization
Bostr is an nostr relay aggregator proxy that acts like a regular nostr relay. bostr let everyone in even having authorizedkeys being set when noscraper is set to true. This vulnerability is fixed in 3.0.10...
CVE-2023-41962
creationtimestamp| type| source ---|---|--- 2023-09-27 18:42:10+00:00| seen| https://t.me/cibsecurity/71085...
CVE-2023-41962
Cross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script in the page...
CVE-2023-41962
Welcart e‑Commerce contains an XSS vulnerability CVE-2023‑41962 affecting versions 2.7–2.8.21 in the Credit Card Payment Setup page. The flaw allows a remote, unauthenticated attacker to inject arbitrary scripts into the affected page. Publicly documented impact includes execution of client-side ...
JVN#97197972: Multiple vulnerabilities in WordPress plugin "Welcart e-Commerce"
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains multiple vulnerabilities listed below. Unrestricted Upload of File with Dangerous Type CWE-434 - CVE-2023-40219 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N| Base Score: 2.7 CVSS v2|...
CVE-2022-41962
creationtimestamp| type| source ---|---|--- 2022-12-16 16:24:23+00:00| seen| https://t.me/cibsecurity/54663...
CVE-2022-41962
BigBlueButton contains a vulnerability (CVE-2022-41962) described as Incorrect Authorization for setting emoji status. A user with moderator rights can use the clear status feature to set any emoji status for other users, whereas moderators should only be able to set none. Affected versions are p...
CVE-2022-41962 BigBlueButton contains Incorrect Authorization for setting emoji status
BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6, and 2.5-alpha-1 contain Incorrect Authorization for setting emoji status. A user with moderator rights can use the clear status feature to set any emoji status for other users. Moderators should only be able to s...
CVE-2021-41962
creationtimestamp| type| source ---|---|--- 2021-12-16 20:36:15+00:00| seen| https://t.me/cibsecurity/34152 2021-12-17 07:40:04+00:00| seen| https://t.me/BlueRedTeam/1512 2023-11-22 10:27:55+00:00| published-proof-of-concept| Telegram/vHTtKQxmAT3f8pPJYMyZLW3MJn6GFVTdkZIulMbNHlsBg 2024-10-21...
CVE-2021-41962
Cross Site Scripting XSS vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Owner fullname parameter in a Send Service Request in vehicleservice...
CVE-2021-41962
Affected software: Sourcecodester Vehicle Service Management System 1.0 (open source PHP project). Vulnerability vector / component: Cross-Site Scripting (XSS) via the Owner fullname parameter in a Send Service Request within vehicle_service. Root cause (as stated): lack of data validation/filter...