Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-18560

Malware in sbrugna...

6.1CVSS6.2AI score0.03837EPSS
Exploits4References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-18559

Malware in sbrugna...

6.1CVSS6.2AI score0.03424EPSS
Exploits4References5
CNVD
CNVD
added 2022/05/07 12:0 a.m.14 views

Cyclos 4 PRO Cross-Site Scripting Vulnerability (CNVD-2022-77956)

Cyclos 4 PRO is a web server. a cross-site scripting vulnerability exists in Cyclos 4 PRO version 4.14.7 and earlier, which stems from a failure to validate user input during error notification. A remote, unauthenticated attacker could execute javascript code via undefine enumeration constants...

4.3CVSS4.5AI score0.03837EPSS
Exploits4Affected Software1
CNVD
CNVD
added 2022/05/07 12:0 a.m.19 views

Cyclos 4 PRO Cross-Site Scripting Vulnerability

Cyclos 4 PRO is a web server. A cross-site scripting vulnerability exists in Cyclos 4 PRO version 4.14.7 and earlier, which can be exploited by remote attackers to inject arbitrary web scripts or HTML via the groupId parameter...

4.3CVSS3.2AI score0.03424EPSS
Exploits4Affected Software1
NVD
NVD
added 2022/05/02 12:15 a.m.9 views

CVE-2021-31674

Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine enum constant...

6.1CVSS0.03837EPSS
Exploits4References3
Prion
Prion
added 2022/05/02 12:15 a.m.14 views

Input validation

Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine enum constant...

4.3CVSS6.6AI score0.03837EPSS
Exploits4References3Affected Software1
Prion
Prion
added 2022/05/02 12:15 a.m.13 views

Cross site scripting

A Dom-based Cross-site scripting XSS vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter...

4.3CVSS6AI score0.03424EPSS
Exploits4References3Affected Software1
CNNVD
CNNVD
added 2022/05/02 12:0 a.m.2 views

Cyclos 4 PRO 跨站脚本漏洞

Cyclos 4 PRO is a web server. A cross-site scripting vulnerability exists in Cyclos 4 PRO version 4.14.7 and earlier, which can be exploited by remote attackers to inject arbitrary web scripts or HTML via the groupId parameter...

6.1CVSS6.1AI score0.03424EPSS
Exploits4References8
CVE
CVE
added 2022/05/01 11:8 p.m.91 views

CVE-2021-31673

CVE-2021-31673 describes a DOM-based cross-site scripting (XSS) vulnerability in Cyclos 4 PRO (web app) affecting version 4.14.7 and earlier. The flaw allows remote attackers to inject arbitrary script or HTML through the groupId parameter during user registration. The affected component is Cyclo...

6.1CVSS6AI score0.03424EPSS
Exploits4References3Affected Software1
Cvelist
Cvelist
added 2022/05/01 11:6 p.m.15 views

CVE-2021-31674

Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine enum constant...

6.8AI score0.03837EPSS
Exploits4References3
CVE
CVE
added 2022/05/01 11:6 p.m.83 views

CVE-2021-31674

Cyclos 4 PRO 4.14.7 and earlier is affected by a DOM/UX-related cross-site scripting vulnerability: it does not validate user input in error information, enabling a remote unauthenticated attacker to execute JavaScript via an undefined enum constant. This issue is documented across multiple sourc...

6.1CVSS6.6AI score0.03837EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder