Lucene search
K

13 matches found

Circl
Circl
added 2025/08/14 7:38 p.m.10 views

CVE-2023-43687

creationtimestamp| type| source ---|---|--- 2025-08-14 19:38:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lwf3pe5ct22d...

6.5CVSS4.8AI score0.00227EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:39 a.m.11 views

CVE-2024-43687

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimeProvider 4100 banner config modules allows Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

7.7CVSS6.1AI score0.00765EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/05/23 12:12 a.m.9 views

CVE-2022-43687

Concrete CMS formerly concrete5 below 8.5.10 and between 9.0.0 and 9.1.2 does not issue a new session ID upon successful OAuth authentication. Remediate by updating to Concrete CMS 9.1.3+ or 8.5.10+...

5.4CVSS6.8AI score0.00584EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2025/04/04 12:0 a.m.302 views

Microchip TimeProvider 4100 Grandmaster (Banner Config Modules) 2.4.6 - Stored Cross-Site Scripting (XSS)

Exploit Title: Microchip TimeProvider 4100 Grandmaster Banner Config Modules 2.4.6 - Stored Cross-Site Scripting XSS Exploit Author: Armando Huesca Prida Discovered By: Armando Huesca Prida, Marco Negro, Antonio Carriero, Vito Pistillo, Davide Renna, Manuel Leone, Massimiliano Brolli Date of...

7.7CVSS6.4AI score0.00765EPSS
Exploits3
Circl
Circl
added 2024/10/04 10:43 p.m.5 views

CVE-2024-43687

creationtimestamp| type| source ---|---|--- 2024-10-04 22:43:37+00:00| seen| https://t.me/cvedetector/7019...

7.7CVSS4.8AI score0.00765EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2024/10/04 7:41 p.m.17 views

CVE-2024-43687 XSS vulnerability in bannerconfig endpoint in TimeProvider 4100

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimeProvider 4100 banner config modules allows Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

7.7CVSS6.5AI score0.00765EPSS
Exploits3References2
Cvelist
Cvelist
added 2024/10/04 7:41 p.m.20 views

CVE-2024-43687 XSS vulnerability in bannerconfig endpoint in TimeProvider 4100

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimeProvider 4100 banner config modules allows Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...

7.7CVSS0.00765EPSS
Exploits3References2
Circl
Circl
added 2022/11/16 7:54 a.m.5 views

CVE-2022-43687

creationtimestamp| type| source ---|---|--- 2022-11-16 07:54:56+00:00| seen| https://t.me/cibsecurity/53000...

5.4CVSS5.5AI score0.00584EPSS
Exploits0References1
CVE
CVE
added 2022/11/14 12:0 a.m.81 views

CVE-2022-43687

Concrete CMS (formerly concrete5) vulnerability CVE-2022-43687 affects versions below 8.5.10 and 9.0.0–9.1.2, where the OAuth authentication flow does not issue a new session ID after successful login. This insecure session management could allow session fixation-like scenarios as described in mu...

5.4CVSS5.4AI score0.00584EPSS
Exploits0References5Affected Software1
Circl
Circl
added 2021/12/01 6:40 p.m.5 views

CVE-2021-43687

creationtimestamp| type| source ---|---|--- 2021-12-01 18:40:09+00:00| seen| https://t.me/cibsecurity/33212...

6.1CVSS6.1AI score0.01376EPSS
Exploits1References1
NVD
NVD
added 2021/12/01 4:15 p.m.20 views

CVE-2021-43687

chamilo-lms v1.11.14 is affected by a Cross Site Scripting XSS vulnerability in /plugin/jcapture/applet.php if an attacker passes a message hex2bin in the cookie...

6.1CVSS0.01376EPSS
Exploits1References4
CVE
CVE
added 2021/12/01 3:49 p.m.47 views

CVE-2021-43687

CVE-2021-43687 affects Chamilo LMS v1.11.14 with a Cross-Site Scripting (XSS) vulnerability in /plugin/jcapture/applet.php when a message hex2bin is placed in the cookie. The issue is web‑accessible and, per the cited sources, allows script execution within the victim’s browser. Public details in...

6.1CVSS6AI score0.01376EPSS
Exploits1References4Affected Software1
OpenVAS
OpenVAS
added 2021/08/11 12:0 a.m.21 views

Chamilo LMS < 1.11.16 Multiple Vulnerabilities

Chamilo LMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:chamilo:chamilolms"; if...

9.8CVSS6.4AI score0.15576EPSS
Exploits11References8
Rows per page
Query Builder