Lucene search
+L

55 matches found

Cvelist
Cvelist
added 2022/10/06 12:0 a.m.22 views

CVE-2022-39988

A cross-site scripting XSS vulnerability in Centreon 22.04.0 allows attackers to execute arbitrary web script or HTML via a crafted payload injected into the ServiceTemplates servicealias parameter...

5.4AI score0.00623EPSS
Exploits3References1
CNNVD
CNNVD
added 2022/07/25 12:0 a.m.5 views

Artica Pandora FMS 跨站脚本漏洞

Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A security vulnerability exists in Artica Pandora FMS v7.0NG.761 and earlier versions, which stems from the alias paramete...

4.8CVSS4.9AI score0.00372EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/07/25 12:0 a.m.8 views

PT-2022-14796 · Unknown · Pandora Fms

Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 7.0NG.761 and below Description: The issue concerns a Stored Cross Site-Scripting vulnerability in the agent creation section, specifically affecting the alias parameter. This can be exploited by an attacker with...

4.8CVSS4.9AI score0.00372EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/06/14 1:0 p.m.7 views

CVE-2022-2059

In Pandora FMS v7.0NG.761 and below, in the agent creation section, the alias parameter is vulnerable to a Stored Cross Site-Scripting. This vulnerability can be exploited by an attacker with administrator privileges logged in the system...

4.8CVSS5.9AI score0.00372EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/07/16 3:15 p.m.5 views

CVE-2021-28054

An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting XSS issue in "Configuration Hosts" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter...

5.4CVSS6.2AI score0.01074EPSS
Exploits0References3
Prion
Prion
added 2021/07/16 3:15 p.m.15 views

Cross site scripting

An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting XSS issue in "Configuration Hosts" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter...

3.5CVSS4.9AI score0.01074EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/07/16 3:15 p.m.2 views

CVE-2021-28054

An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting XSS issue in "Configuration Hosts" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter...

5.4CVSS5.8AI score0.01074EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/07/16 3:15 p.m.36 views

CVE-2021-28054

An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting XSS issue in "Configuration Hosts" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter...

5.4CVSS6.2AI score0.01074EPSS
Exploits0References4
OSV
OSV
added 2021/07/16 3:15 p.m.4 views

UBUNTU-CVE-2021-28054

An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting XSS issue in "Configuration Hosts" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter...

5.4CVSS5.9AI score0.01074EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2020/08/31 12:0 a.m.4 views

PT-2020-13709 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 11.0.4 Description: The issue concerns multiple stored Cross-Site Scripting XSS vulnerabilities. These could allow remote authenticated attackers to inject arbitrary web script or HTML. This can be done via several API...

5.4CVSS5.2AI score0.00832EPSS
Exploits0References9
CNVD
CNVD
added 2020/04/21 12:0 a.m.5 views

PrestaShop cross-site scripting vulnerability (CNVD-2020-25940)

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. A cross-site scripting vulnerability exists in the 'alias' and 'search' parameters of...

6.1CVSS6.4AI score0.00826EPSS
Exploits0References1
Prion
Prion
added 2019/02/07 5:29 p.m.19 views

Design/Logic Flaw

ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admincategory/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection...

6.5CVSS9.1AI score0.09935EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2019/02/07 5:0 p.m.31 views

CVE-2019-7580

ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admincategory/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection...

9.2AI score0.09935EPSS
Exploits3References2
CNVD
CNVD
added 2017/05/24 12:0 a.m.5 views

Open Source Solutions ViMbAdmin Cross-Site Scripting Vulnerability

Open Source Solutions ViMbAdmin is an open source Web-based virtual mailbox management system from Open Source Solutions, Ireland. The system supports administrators to manage domains , mail and aliases and so on. A cross-site scripting vulnerability exists in Open Source Solutions ViMbAdmin...

5.4CVSS6AI score0.01012EPSS
Exploits2References1
UbuntuCve
UbuntuCve
added 2006/12/15 10:28 p.m.27 views

CVE-2006-6604

Directory traversal vulnerability in downloaddetails.php in TorrentFlux 2.2 allows remote authenticated users to read arbitrary files via .. dot dot sequences in the alias parameter, a different vector than CVE-2006-6328...

6.5CVSS6.1AI score0.02721EPSS
Exploits0References1
Rows per page
Query Builder