Lucene search
K

22 matches found

Patchstack
Patchstack
added 2026/02/26 7:23 a.m.6 views

WordPress EM Cost Calculator plugin <= 2.3.1 - Unauthenticated Stored Cross-Site Scripting via 'customer_name' vulnerability

Unauthenticated Stored Cross-Site Scripting via 'customername' vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Cost Calculator Pro versions = 2.3.1...

6.1CVSS5.3AI score0.00215EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/11 8:26 a.m.7 views

CVE-2025-40640

Stored Cross-Site Scripting XSS vulnerability in Energy CRM v2025 by Status Tracker Ltd, consisting of a stored XSS due to lack of proper validation of user input by sending a POST request to “/crm/createinvoicesubmit.php”, using the “customerName0” parameter. This vulnerability could allow a...

5.1CVSS4.8AI score0.00189EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/10 8:19 a.m.5 views

EUVD-2025-33689

Stored Cross-Site Scripting XSS vulnerability in Energy CRM v2025 by Status Tracker Ltd, consisting of a stored XSS due to lack of proper validation of user input by sending a POST request to “/crm/createinvoicesubmit.php”, using the “customerName0” parameter. This vulnerability could allow a...

5.1CVSS4.4AI score0.00189EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-23595

Malware in sbrugna...

4.8CVSS5.1AI score0.0073EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-24024

Malware in sbrugna...

5.4CVSS5.5AI score0.00622EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-37573

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01163EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-32142

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00225EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/10/03 12:45 a.m.5 views

CVE-2025-61087

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting XSS via the Customer Name field under Customer Management Section...

6.2AI score0.00225EPSS
Exploits1References1
OSV
OSV
added 2025/10/02 3:15 p.m.4 views

CVE-2025-61087

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting XSS via the Customer Name field under Customer Management Section...

6.1CVSS5.8AI score0.00225EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/10/02 12:0 a.m.2 views

CVE-2025-61087

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to Cross Site Scripting XSS via the Customer Name field under Customer Management Section...

5.8AI score0.00225EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/10/02 12:0 a.m.5 views

PT-2025-40397

Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0 Description The software is susceptible to Cross Site Scripting XSS attacks. The issue is located in the Customer Name field within the Customer Management Section. Input provided...

6.1CVSS5.9AI score0.00225EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 p.m.4 views

CVE-2021-37459

Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the customer name field stored...

5.4CVSS6.1AI score0.00622EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:34 p.m.9 views

CVE-2020-36012

Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field...

4.8CVSS6.1AI score0.0073EPSS
Exploits1
CNNVD
CNNVD
added 2024/04/11 12:0 a.m.2 views

Warehouse Management System 跨站脚本漏洞

Warehouse Management System is a warehouse management system developed by Carlo Montero. A cross-site scripting vulnerability exists in Warehouse Management System version 1.0, which stems from the parameter namacustomer/alamatcustomer/notelpcustomer in the file customer.php and results in...

5.4CVSS4.4AI score0.00589EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/12/07 12:0 a.m.6 views

PT-2023-30982 · Unknown · Appointment Scheduler

Name of the Vulnerable Software and Affected Versions: Appointment Scheduler version 3.0 Description: The issue concerns Multiple Stored Cross-Site Scripting XSS problems. These issues can be exploited via several parameters, including name, plugin sms api key, plugin sms country code, calendar i...

5.4CVSS5.3AI score0.00419EPSS
Exploits1References5
OSV
OSV
added 2023/06/05 9:15 p.m.16 views

CVE-2023-33410

Minical 1.0.0 and earlier contains a CSV injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on the Customer Name field in the Accounting module that is used to construct a CSV file...

8.8CVSS7.6AI score0.01163EPSS
Exploits1References2
OSV
OSV
added 2021/07/25 9:15 p.m.3 views

CVE-2021-37459

Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the customer name field stored...

5.4CVSS6.1AI score0.00622EPSS
Exploits1References2
Prion
Prion
added 2021/07/25 9:15 p.m.12 views

Cross site scripting

Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the customer name field stored...

3.5CVSS5.3AI score0.00622EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2021/01/27 1:15 p.m.2 views

CVE-2020-36012

Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field...

4.8CVSS6AI score0.0073EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2021/01/27 1:15 p.m.5 views

CVE-2020-36012

Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field...

4.8CVSS5.7AI score0.0073EPSS
Exploits1References4
Rows per page
Query Builder