Lucene search
+L

198 matches found

ATTACKERKB
ATTACKERKB
added 2024/03/06 1:15 a.m.5 views

CVE-2023-49971

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customersupport/index.php?page=customerlist...

6.1CVSS6AI score0.00433EPSS
Exploits1References3
Prion
Prion
added 2024/03/06 1:15 a.m.14 views

Cross site scripting

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the contact parameter at /customersupport/index.php?page=customerlist...

5.9AI score0.0045EPSS
Exploits1References2
Prion
Prion
added 2024/03/06 1:15 a.m.12 views

Cross site scripting

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the subject parameter at /customersupport/index.php?page=newticket...

5.9AI score0.00466EPSS
Exploits4References2
Prion
Prion
added 2024/03/06 1:15 a.m.11 views

Cross site scripting

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customersupport/index.php?page=customerlist...

5.9AI score0.00433EPSS
Exploits1References2
Prion
Prion
added 2024/03/06 1:15 a.m.13 views

Cross site scripting

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the address parameter at /customersupport/index.php?page=newcustomer...

5.9AI score0.0045EPSS
Exploits1References2
Prion
Prion
added 2024/03/06 1:15 a.m.21 views

Cross site scripting

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter at /customersupport/index.php?page=customerlist...

5.9AI score0.0045EPSS
Exploits1References2
CVE
CVE
added 2024/03/06 12:0 a.m.51 views

CVE-2023-49979

CVE-2023-49979 concerns a directory listing vulnerability in the Customer Support System v1, allowing unauthenticated attackers to enumerate directories and sensitive files. The issue affects the web application’s handling of directory access (no auth required) and is described consistently acros...

7.5CVSS6.6AI score0.00745EPSS
Exploits1References2Affected Software1
0day.today
0day.today
added 2024/03/06 12:0 a.m.433 views

Customer Support System 1.0 SQL Injection Vulnerability

Customer Support System version 1.0 suffers from a remote SQL injection vulnerability in /customersupport/ajax.php. Original discovery of SQL injection in this version is attributed to Ahmed Abbas in November of 2020. Exploit Title: Customer Support System 1.0 - Multiple SQL injection...

8.8CVSS9AI score0.13754EPSS
Exploits6
CNNVD
CNNVD
added 2024/03/06 12:0 a.m.4 views

Customer Support System 跨站脚本漏洞

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a cross-site scripting vulnerability that stems fro...

6.1CVSS6.2AI score0.00433EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/03/06 12:0 a.m.4 views

Customer Support System 跨站脚本漏洞

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a cross-site scripting vulnerability that stems fro...

6.1CVSS5.9AI score0.0045EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/03/06 12:0 a.m.3 views

Customer Support System 跨站脚本漏洞

Customer Support System is a customer support system by oretnom23 Personal Developer that helps a particular business or company to provide customer support after a customer has purchased a product from them. Customer Support System suffers from a cross-site scripting vulnerability that stems fro...

6.1CVSS5.9AI score0.0045EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/03/06 12:0 a.m.21 views

CVE-2023-49978

Incorrect access control in Customer Support System v1 allows non-administrator users to access administrative pages and execute actions reserved for administrators...

7AI score0.00835EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/03/06 12:0 a.m.13 views

CVE-2023-49974

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the contact parameter at /customersupport/index.php?page=customerlist...

5.7AI score0.0045EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2024/03/06 12:0 a.m.465 views

Customer Support System 1.0 SQL Injection

Exploit Title: Customer Support System 1.0 - Multiple SQL injection vulnerabilities Date: 15/12/2023 Exploit Author: Geraldo Alcantara Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...

8.8CVSS7.4AI score0.13754EPSS
Exploits6
CVE
CVE
added 2024/03/06 12:0 a.m.48 views

CVE-2023-49978

CVE-2023-49978 concerns an improper access control in the Customer Support System v1, where non-administrator users can access administrative pages and perform actions reserved for admins. Documents confirm the affected software and root cause as insufficient access restrictions on admin interfac...

8.8CVSS7AI score0.00835EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/03/06 12:0 a.m.19 views

CVE-2023-49971

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customersupport/index.php?page=customerlist...

5.7AI score0.00433EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/03/06 12:0 a.m.19 views

CVE-2023-49974

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the contact parameter at /customersupport/index.php?page=customerlist...

5.7AI score0.0045EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/03/06 12:0 a.m.23 views

CVE-2023-49979

A directory listing vulnerability in Customer Support System v1 allows attackers to list directories and sensitive files within the application without requiring authorization...

6.6AI score0.00745EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/03/06 12:0 a.m.39 views

CVE-2023-49976

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the subject parameter at /customersupport/index.php?page=newticket...

5.7AI score0.00466EPSS
Exploits4References2
Cvelist
Cvelist
added 2024/03/06 12:0 a.m.23 views

CVE-2023-49977

A cross-site scripting XSS vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the address parameter at /customersupport/index.php?page=newcustomer...

5.7AI score0.0045EPSS
Exploits1References2
Rows per page
Query Builder