myfactory FMS - Cross-Site Scripting

myfactory.FMS before 7.1-912 allows cross-site scripting via the Error parameter. id: CVE-2021-42566 info: name: myfactory FMS - Cross-Site Scripting author: madrobot,daffainfo severity: medium description: | myfactory.FMS before 7.1-912 allows cross-site scripting via the Error parameter. impact...

EUVD-2025-42566

Malicious code in putra-getas15-miaww npm...

CVE-2024-42566

creationtimestamp| type| source ---|---|--- 2024-08-20 16:17:47+00:00| seen| https://t.me/cvedetector/3634...

CVE-2024-42566

CVE-2024-42566 affects the School Management System. A SQL injection flaw is present in the login.php endpoint, exploitable via the password parameter. Public sources note the vulnerability but do not provide confirmed affected versions or a fix. Impact is described as high/critical in CVE metada...

CVE-2024-42566

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the password parameter at login.php...

CVE-2023-42566

creationtimestamp| type| source ---|---|--- 2023-12-24 10:41:55+00:00| seen| https://t.me/ctinow/158985...

CVE-2023-42566

CVE-2023-42566 targets the libsavsvc component used in Samsung Mobile devices. The issue is described as an out-of-bounds write, with the root cause tied to libsavsvc prior to the SMR Dec-2023 Release 1. The documented impact is local code execution by attackers, with consequences described as ar...

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. A malicious person can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights Access to sensitive data...

myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting (XSS)

Exploit Title: myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting XSS Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://www.myfactory.com/ Version: Enfold input NAME="txtUID" VALU...

CVE-2021-42566

creationtimestamp| type| source ---|---|--- 2021-10-18 12:36:46+00:00| seen| https://t.me/cibsecurity/30674 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-42566.yaml...

CVE-2021-42566

myfactory.FMS before 7.1-912 allows XSS via the Error parameter...

CVE-2021-42566

Summary (CVE-2021-42566): myfactory.FMS before 7.1-912 is vulnerable to cross-site scripting via the Error parameter. The issue affects the web application’s input handling, allowing an attacker to inject scripts that run in a victim’s browser. Products: myfactory.FMS. Affected versions: 7.1-? up...