Lucene search
K

59 matches found

Prion
Prion
added 2023/08/23 10:15 p.m.14 views

Cross site scripting

Cross Site Scripting XSS vulnerability in sourcecodester Student Study Center Desk Management System 1.0 allows attackers to run arbitrary code via crafted GET request to web application URL...

4.3CVSS5.1AI score0.00507EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/23 12:0 a.m.13 views

CVE-2023-36317

Cross Site Scripting XSS vulnerability in sourcecodester Student Study Center Desk Management System 1.0 allows attackers to run arbitrary code via crafted GET request to web application URL...

6.2AI score0.00507EPSS
Exploits1References3
OSV
OSV
added 2023/02/24 9:15 p.m.1 views

CVE-2021-34249

SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL...

7.5CVSS5.9AI score0.01229EPSS
Exploits1References2
Prion
Prion
added 2023/02/24 9:15 p.m.9 views

Sql injection

SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL...

5CVSS7.6AI score0.01229EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/02/24 12:0 a.m.13 views

CVE-2021-34249

SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL...

7.8AI score0.01229EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/02/24 12:0 a.m.8 views

CVE-2021-34249

SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL...

7.6AI score0.01229EPSS
Exploits1References2
CNVD
CNVD
added 2023/02/10 12:0 a.m.23 views

TPCMS Access Control Error Vulnerability (CNVD-2023-09604)

TPCMS is a source of happiness Source of Happiness individual developers of an open source content management system. An access control error vulnerability exists in TPCMS version 3.2. A remote attacker could exploit this vulnerability to obtain sensitive information via the application URL...

7.5CVSS7.3AI score0.00923EPSS
Exploits1References1
Prion
Prion
added 2023/02/03 6:15 p.m.24 views

Improper access control

Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view sensitive information via path in application URL...

5CVSS7.4AI score0.00887EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/03 12:0 a.m.5 views

CVE-2021-36544

Incorrect Access Control issue discovered in tpcms 3.2 allows remote attackers to view sensitive information via path in application URL...

6.8AI score0.00923EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2022/06/27 12:0 a.m.248 views

Library Management System With QR Code 1.0 Shell Upload

Title: Library Management System with QR code AttendanceFile Upload RCE Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184 Date: 27.06.2022 Vendor: https://www.sourcecodester.com/users/kingbhob02 Software:...

7.4AI score
Exploits0
OSV
OSV
added 2022/01/18 5:15 p.m.15 views

CVE-2022-22690

Within the Umbraco CMS, a configuration element named "UmbracoApplicationUrl" or just "ApplicationUrl" is used whenever application code needs to build a URL pointing back to the site. For example, when a user resets their password and the application builds a password reset URL or when the...

7.5CVSS7.6AI score0.01138EPSS
Exploits2References1
Prion
Prion
added 2022/01/18 5:15 p.m.15 views

Default credentials

Within the Umbraco CMS, a configuration element named "UmbracoApplicationUrl" or just "ApplicationUrl" is used whenever application code needs to build a URL pointing back to the site. For example, when a user resets their password and the application builds a password reset URL or when the...

5CVSS7.4AI score0.01138EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2020/12/09 5:15 p.m.19 views

Open redirect

SAP Solution Manager Trace Analysis, version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site which could trick the user to enter credentials or download malicious software, as a parameter in the...

5.8CVSS6.2AI score0.02338EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2020/09/22 5:39 p.m.28 views

CVE-2020-14024

Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the 1 Receiver or Recipient field in the Mailbox feature, 2 OZFORMGROUPNAME field in the Group configuration of addresses, 3 listname field in the Defining address lists configuration, o...

6.2AI score0.00719EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:7 a.m.15 views

Security Bulletin: IBM Business Process Manager (BPM) document store is affected by clickjacking vulnerability in administrative tool for BPM document store (CVE-2013-5462)

Summary A clickjacking vulnerability has been reported for the administrative tool ACCE of the embedded component used by IBM BPM document store. Vulnerability Details CVEID: CVE-2013-5462 DESCRIPTION: The IBM Content Navigator application URL can be opened within a frame in a Web page. In this...

4.3CVSS0.6AI score0.01803EPSS
Exploits0Affected Software3
OSV
OSV
added 2018/04/04 1:29 p.m.5 views

CVE-2017-3966

Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management NSM before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL...

6.3CVSS5.8AI score0.00685EPSS
Exploits0References1
NVD
NVD
added 2018/04/04 1:29 p.m.21 views

CVE-2017-3966

Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management NSM before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL...

6.5CVSS6.4AI score0.00685EPSS
Exploits0References1
CVE
CVE
added 2018/04/04 1:0 p.m.47 views

CVE-2017-3966

CVE-2017-3966 affects the web interface of McAfee Network Security Management (NSM) prior to 8.2.7.42.2. The issue is exploitation of session variables, resource IDs and other trusted credentials via reuse of an exposed session token in the application URL. This can allow remote attackers to affe...

6.5CVSS6.4AI score0.00685EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/04/04 1:0 p.m.26 views

CVE-2017-3966 SB10192 - Network Security Management (NSM) - Exploitation of session variables, resource IDs and other trusted credentials vulnerability

Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management NSM before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL...

6.4CVSS6.5AI score0.00685EPSS
Exploits0References1
Rows per page
Query Builder