Lucene search
2125 matches found

Cvelist
added 2024/09/12 12:0 a.m. · 15 views

CVE-2020-24061

Cross Site Scripting XSS Vulnerability in Firewall menu in Control Panel in KASDA KW5515 version 4.3.1.0, allows attackers to execute arbitrary code and steal cookies via a crafted script...

EPSS: 0.00331
Exploits: 1 · References: 2

OSV
added 2024/09/09 6:18 p.m. · 13 views

GHSA-28H4-788G-RH42 Craft CMS vulnerable to stored XSS in breadcrumb list and title fields

Summary: Multiple Stored XSS can be triggered by the breadcrumb list and title fields with user input. Details: 1. In the /admin/categories page, category title isn't sanitized and triggers XSS. 2. In the category edit page under the /admin/categories/, category title in breadcrumb list isn't...

CVSS: 5.5 · AI score: 5 · EPSS: 0.00334
Exploits: 1 · References: 4

Github Security Blog
added 2024/09/09 6:18 p.m. · 23 views

Craft CMS vulnerable to stored XSS in breadcrumb list and title fields

Summary: Multiple Stored XSS can be triggered by the breadcrumb list and title fields with user input. Details: 1. In the /admin/categories page, category title isn't sanitized and triggers XSS. 2. In the category edit page under the /admin/categories/, category title in breadcrumb list isn't...

CVSS: 5.5 · AI score: 5.8 · EPSS: 0.00334
Exploits: 1 · References: 4 · Affected Software: 1

Packet Storm
added 2024/09/06 12:0 a.m. · 247 views

File Management System 1.0 Insecure Direct Object Reference

Title: File Management System 1.0 IDOR Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 128.0.3 64 bits...

AI score: 7.4
Exploits: 0

Citrix
added 2024/09/06 12:0 a.m. · 8 views

VDA 2402 LTSR Features are not shown as installed when you attempt to change the VDA installation

You may not see the below features selected or installed after you attempt to change or modify the VDA installation from Control panel: Use Windows Remote Assistance; Use Real-Time Audio Transport; Use Screen Sharing; Is this VDA installed on VM in the Cloud...

AI score: 7.1
Exploits: 0

Packet Storm
added 2024/08/29 12:0 a.m. · 311 views

Online Bus Ticketing 1.0 Insecure Direct Object Reference

Title: Online Bus Ticketing v1.0 IDOR Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 128.0.3 64 bits ...

AI score: 7.4
Exploits: 0

NVD
added 2024/08/12 10:15 p.m. · 11 views

CVE-2024-43218

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mediavine Mediavine Control Panel mediavine-control-panel. This issue affects Mediavine Control Panel: from n/a through <= 2.10.4...

CVSS: 6.5 · EPSS: 0.00245
Exploits: 0 · References: 1

CVE
added 2024/08/12 9:30 p.m. · 46 views

CVE-2024-43218

Stored XSS in Mediavine Control Panel (CVE-2024-43218) affects versions up to 2.10.4 and is mitigated by the patch. Exploitation requires an authenticated user and input handling that is not neutralized. No exploitation details provided beyond the noted patch status.

CVSS: 6.5 · AI score: 5.9 · EPSS: 0.00245
Exploits: 0 · References: 1

Cvelist
added 2024/08/12 9:30 p.m. · 21 views

CVE-2024-43218 WordPress Mediavine Control Panel plugin <= 2.10.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mediavine Mediavine Control Panel mediavine-control-panel. This issue affects Mediavine Control Panel: from n/a through <= 2.10.4...

CVSS: 6.5 · EPSS: 0.00245
Exploits: 0 · References: 1

Vulnrichment
added 2024/08/12 9:30 p.m. · 17 views

CVE-2024-43218 WordPress Mediavine Control Panel plugin <= 2.10.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mediavine Mediavine Control Panel mediavine-control-panel. This issue affects Mediavine Control Panel: from n/a through <= 2.10.4...

CVSS: 6.5 · AI score: 5.2 · EPSS: 0.00245
Exploits: 0 · References: 1

CNNVD
added 2024/08/12 12:0 a.m. · 8 views

WordPress plugin Mediavine Control Panel cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVSS: 6.5 · AI score: 6.1 · EPSS: 0.00245
Exploits: 0 · References: 2

Positive Technologies
added 2024/08/12 12:0 a.m. · 4 views

PT-2024-30381 · Mediavine · Mediavine Control Panel

Name of the Vulnerable Software and Affected Versions: Mediavine Control Panel versions through 2.10.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS in the Mediavine Control Pane...

CVSS: 6.5 · AI score: 5.5 · EPSS: 0.00245
Exploits: 0 · References: 5

Patchstack
added 2024/08/09 11:55 a.m. · 3 views

WordPress Mediavine Control Panel plugin <= 2.10.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting (XSS) vulnerability discovered by LVT-tholv2k (Patchstack Alliance) in WordPress Plugin Mediavine Control Panel (versions <= 2.10.4)...

CVSS: 6.5 · AI score: 6.1 · EPSS: 0.00245
Exploits: 0 · Affected Software: 1

Patchstack
added 2024/08/09 12:0 a.m. · 17 views

WordPress Mediavine Control Panel Plugin <= 2.10.4 is vulnerable to Cross Site Scripting (XSS)

Software: Mediavine Control Panel · Type: Plugin · Vulnerable versions: <= 2.10.4 · Fixed in: 2.10.5 · OWASP Top 10: A3: Injection · Classification: Cross Site Scripting (XSS) · CVE: CVE-2024-43218 · Patch priority: Low · CVSS severity: Low 6.5 · Developer: Mediavine · PSID: 447650b29419 · Credits: LVT-tholv2k · Required privilege...

CVSS: 6.5 · AI score: 6.9 · EPSS: 0.00245
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2024/08/01 12:0 a.m. · 5 views

The vulnerability of the User Information Handler component in the control panel of the software platform for integrating IBM App Connect Enterprise applications allows a perpetrator to obtain confidential calendar information using an access token with expired validity.

The vulnerability of the User Information Handler component in the software control panel for IBM App Connect Enterprise integration is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain confidential...

CVSS: 4.3 · AI score: 5.5 · EPSS: 0.00261
Exploits: 0 · References: 5 · Affected Software: 1

Tenable Nessus
added 2024/07/31 12:0 a.m. · 11 views

Panasonic WV-S2231L Camera Denial of Service (CVE-2020-29194)

Panasonic Security System WV-S2231L 4.25 allows a denial of service of the admin control panel which will require a physical reset to restore administrative control via Randomnum=99AC8CEC6E845B28&mode=1 in a POST request to the cgi-bin/setfactory URI. This plugin only works with Tenable.ot. Pleas...

CVSS: 7.5 · AI score: 7.3 · EPSS: 0.012
Exploits: 1 · References: 2

Kaspersky
added 2024/07/23 12:0 a.m. · 22 views

KLA71014 PE vulnerabilities in Microsoft Apps

Elevation of privilege vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to gain privileges. Original advisories: CVE-2024-38176, CVE-2024-38164. CVE list: CVE-2024-38176 (high), CVE-2024-38164 (critical). Solution: Install necessary updates from the KB section,...

CVSS: 9.6 · AI score: 6.8 · EPSS: 0.00933
Exploits: 0 · References: 3

CVE
added 2024/07/18 3:35 p.m. · 55 views

CVE-2024-39911

CVE-2024-39911 affects 1Panel, a web-based Linux server management control panel. The issue is an unspecified SQL injection via User-Agent handling that can impact confidentiality, integrity, and availability. Red Hat and other sources corroborate the same description and note the fix in version ...

CVSS: 10 · AI score: 9.7 · EPSS: 0.04566
Exploits: 2 · References: 2 · Affected Software: 1

Vulnrichment
added 2024/07/18 3:35 p.m. · 30 views

CVE-2024-39911 1Panel SQL injection

1Panel is a web-based Linux server management control panel. 1Panel contains an unspecified SQL injection via User-Agent handling. This issue has been addressed in version 1.10.12-lts. Users are advised to upgrade. There are no known workarounds for this vulnerability...

CVSS: 10 · AI score: 7.2 · EPSS: 0.04566
Exploits: 2 · References: 2

HackRead
added 2024/05/27 12:42 p.m. · 15 views

Essential Features of Cybersecurity Management Software for MSPs

By Uzair Amir. Protect your clients' businesses from cyber threats with Cybersecurity Management Software. Explore the unified control panel, real-time threat… This is a post from HackRead.com. Read the original post: Essential Features of Cybersecurity Management Software for MSPs...

AI score: 7.3
Exploits: 0