10 matches found
CVE-2025-65300
A stored Cross-Site Scripting XSS vulnerability exists in the Coohom SaaS Platform feVersion=1760060603897 2025-10-28 in the Account Settings module, where unsanitized user input in Address fields City, State, Country/Region is rendered back to the page. Attackers can inject arbitrary JavaScript...
CVE-2025-65300
A stored Cross-Site Scripting XSS vulnerability exists in the Coohom SaaS Platform feVersion=1760060603897 2025-10-28 in the Account Settings module, where unsanitized user input in Address fields City, State, Country/Region is rendered back to the page. Attackers can inject arbitrary JavaScript...
π Coohom SaaS Cross Site Scripting
Coohoom SaaS is susceptible to a persistent cross site scripting vulnerability. CVE-2025-65300 Description CVE-2025-65300: Stored Cross-Site Scripting XSS Vulnerability in Coohom SaaS Platform Disclosure Date: 2025-10-28 Last Updated: 2025-10-28 Reporter: Phisit Pupiw Vendor: Coohom CWE: CWE-79 β...
CVE-2024-31065
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field...
CVE-2024-31065
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field...
CVE-2024-31065
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field...
CVE-2024-31065
CVE-2024-31065 affects the Insurance Management System (version 1.0.0 and earlier). A Cross-Site Scripting (XSS) flaw in the City input field could allow a remote attacker to execute arbitrary code. Public sources indicate upgrading to a fixed version is recommended (no specific patched version i...
CVE-2024-31065
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field...
CVE-2024-31065
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field...
CVE-2024-2393
A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file adduser.php. The manipulation of the argument city leads to sql injection. The attack can be launched remotely. The...