Lucene search
K

660 matches found

Positive Technologies
Positive Technologies
added 2025/04/17 12:0 a.m.5 views

PT-2025-16961 · Unknown · Codeastro Internet Banking System

Name of the Vulnerable Software and Affected Versions: Code Astro Internet Banking System version 2.0.0 Description: The issue concerns Cross Site Scripting XSS via the name parameter in the "/admin/pages account.php" API endpoint. This allows for potential malicious script injection. No...

6.1CVSS6AI score0.00251EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/04/17 12:0 a.m.30 views

CVE-2025-29015

Code Astro Internet Banking System 2.0.0 is vulnerable to Cross Site Scripting XSS via the name parameter in /admin/pagesaccount.php...

0.00251EPSS
Exploits1References2
CVE
CVE
added 2025/04/17 12:0 a.m.54 views

CVE-2025-29015

CVE-2025-29015 affects Code Astro Internet Banking System 2.0.0. The vulnerability is an Cross Site Scripting (XSS) flaw that can be triggered via the name parameter in /admin/pages_account.php, allowing script injection. The issue is documented with CVSS v3.1 base metrics: AV:N/AC:L/PR:N/UI:R/S:...

6.1CVSS6.1AI score0.00251EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/12 12:5 a.m.19 views

CVE-2025-29017

A Remote Code Execution RCE vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profilepic parameter within pagesviewclient.php...

8.8CVSS7.9AI score0.00749EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/04/11 3:49 a.m.20 views

CVE-2025-29018

A Stored Cross-Site Scripting XSS vulnerability exists in the name parameter of pagesaddacctype.php in Code Astro Internet Banking System 2.0.0...

4.8CVSS5.8AI score0.00239EPSS
Exploits1References1
NVD
NVD
added 2025/04/10 2:15 p.m.15 views

CVE-2025-29017

A Remote Code Execution RCE vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profilepic parameter within pagesviewclient.php...

8.8CVSS0.00749EPSS
Exploits2References1
OSV
OSV
added 2025/04/10 2:15 p.m.4 views

CVE-2025-29017

A Remote Code Execution RCE vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profilepic parameter within pagesviewclient.php...

8.8CVSS5.9AI score0.00749EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/04/10 12:0 a.m.15 views

CVE-2025-29017

A Remote Code Execution RCE vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profilepic parameter within pagesviewclient.php...

0.00749EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2025/04/10 12:0 a.m.5 views

PT-2025-15988 · Unknown · Codeastro Internet Banking System

Name of the Vulnerable Software and Affected Versions: Code Astro Internet Banking System version 2.0.0 Description: A Remote Code Execution RCE vulnerability exists due to improper file upload validation in the profile pic parameter within pages view client.php. Recommendations: Code Astro...

8.8CVSS7AI score0.00749EPSS
Exploits2References9
CVE
CVE
added 2025/04/10 12:0 a.m.65 views

CVE-2025-29017

Code Astro Internet Banking System 2.0.0 is reported vulnerable via the profile_pic parameter in pages_view_client.php due to improper file upload validation, allowing an attacker to upload a malicious PHP file and achieve Remote Code Execution (RCE). The linked exploit/documentation describes by...

8.8CVSS7.2AI score0.00749EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/10 12:0 a.m.8 views

CVE-2025-29017

A Remote Code Execution RCE vulnerability exists in Code Astro Internet Banking System 2.0.0 due to improper file upload validation in the profilepic parameter within pagesviewclient.php...

9AI score0.00749EPSS
Exploits2References1
NVD
NVD
added 2025/04/09 9:16 p.m.17 views

CVE-2025-29018

A Stored Cross-Site Scripting XSS vulnerability exists in the name parameter of pagesaddacctype.php in Code Astro Internet Banking System 2.0.0...

4.8CVSS0.00239EPSS
Exploits1References1
OSV
OSV
added 2025/04/09 9:16 p.m.3 views

CVE-2025-29018

A Stored Cross-Site Scripting XSS vulnerability exists in the name parameter of pagesaddacctype.php in Code Astro Internet Banking System 2.0.0...

4.8CVSS5.8AI score0.00239EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/04/09 12:0 a.m.9 views

CVE-2025-29018

A Stored Cross-Site Scripting XSS vulnerability exists in the name parameter of pagesaddacctype.php in Code Astro Internet Banking System 2.0.0...

5AI score0.00239EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/04/09 12:0 a.m.4 views

PT-2025-15868 · Unknown · Codeastro Internet Banking System

Name of the Vulnerable Software and Affected Versions: Code Astro Internet Banking System version 2.0.0 Description: A Stored Cross-Site Scripting XSS issue exists in the name parameter of pages add acc type.php in the Code Astro Internet Banking System. This allows for malicious script execution...

4.8CVSS5.6AI score0.00239EPSS
Exploits1References6
CVE
CVE
added 2025/04/09 12:0 a.m.72 views

CVE-2025-29018

CVE-2025-29018 affects Code Astro Internet Banking System 2.0.0. The vulnerability is a Stored Cross-Site Scripting (XSS) in the name parameter of pages_add_acc_type.php. Core details: vulnerable component is the PHP page handler and the issue arises from unsanitized/reflective input in the name ...

4.8CVSS5.9AI score0.00239EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/04/09 12:0 a.m.15 views

CVE-2025-29018

A Stored Cross-Site Scripting XSS vulnerability exists in the name parameter of pagesaddacctype.php in Code Astro Internet Banking System 2.0.0...

0.00239EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2025/03/31 5:31 p.m.8 views

@andrewzagorski/admin (>=4.25.19-patch.2 <=4.25.19-patch.3), @andrewzagorski/pack-up (=4.23.1-prerelease.2) +21 more potentially affected by CVE-2025-31125 via vite (>=6.0.0 <=6.0.11)

vite NPM version =6.0.0, =4.25.19-patch.2, =19.1.5, =5.0.0-alpha.37, =2.11.0, =2.11.0, =11.23.0, =0.0.0-experimental-13bd4c2-20250203-4e3af844, =0.0.0-snapshot-1d99fea7d2ce2c7a5d9ed0a3752f8a7bda6bc3db, =0.0.0-snapshot-1d99fea7d2ce2c7a5d9ed0a3752f8a7bda6bc3db, =1.0.6, =1.0.7 - @tuax/plugin-vite6...

7.5CVSS6.5AI score0.58765EPSS
Exploits9
vulnersOsv
vulnersOsv
added 2025/03/25 2:0 p.m.7 views

@andrewzagorski/admin (>=4.25.19-patch.2 <=4.25.19-patch.3), @andrewzagorski/pack-up (=4.23.1-prerelease.2) +21 more potentially affected by CVE-2025-30208 via vite (>=6.0.0 <=6.0.11)

vite NPM version =6.0.0, =4.25.19-patch.2, =19.1.5, =5.0.0-alpha.37, =2.11.0, =2.11.0, =11.23.0, =0.0.0-experimental-13bd4c2-20250203-4e3af844, =0.0.0-snapshot-1d99fea7d2ce2c7a5d9ed0a3752f8a7bda6bc3db, =0.0.0-snapshot-1d99fea7d2ce2c7a5d9ed0a3752f8a7bda6bc3db, =1.0.6, =1.0.7 - @tuax/plugin-vite6...

7.5CVSS6.5AI score0.76736EPSS
Exploits28
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/20 4:46 p.m.4 views

Malicious code in storyblok-rich-text-astro-renderer-workspace (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ca413e5e4f59154a8de4096af868e37c16b2b9df85e5e20a341283c83e7b1db Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder