74 matches found
Dcat-Admin Cross-Site Scripting (XSS) vulnerability
Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting XSS vulnerability via /admin/auth/menu and /admin/auth/extensions...
GHSA-9Q34-7HFR-H8JM Dcat Admin Cross-site Scripting (XSS) vulnerability
Dcat Admin v2.2.0-beta contains a cross-site scripting XSS vulnerability in /admin/articles/create...
CVE-2024-54774
Dcat Admin v2.2.0-beta contains a cross-site scripting XSS vulnerability in /admin/articles/create...
CVE-2024-54775
Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting XSS vulnerability via /admin/auth/menu and /admin/auth/extensions...
PT-2024-36416 · Unknown · Dcat-Admin
Name of the Vulnerable Software and Affected Versions: Dcat Admin version 2.2.0-beta Description: The issue is a cross-site scripting XSS vulnerability. It affects the /admin/articles/create endpoint. Recommendations: For Dcat Admin version 2.2.0-beta, consider disabling access to the...
Dcat Admin 安全漏洞
Dcat Admin is a second development based on laravel-admin to build the backend system tools . A cross-site scripting vulnerability exists in Dcat Admin v2.2.0-beta, which stems from the lack of effective filtering and escaping of user-supplied data in /admin/articles/create, and can be exploited ...
Dcat Admin 安全漏洞
Dcat Admin is a backend system builder based on the secondary development of laravel-admin by Jiang Qinghua. A security vulnerability exists in Dcat Admin v2.2.0-beta and v2.2.2-beta, which was discovered to contain a cross-site scripting vulnerability via /admin/auth/menu and...
CVE-2024-54774
Dcat Admin v2.2.0-beta contains a cross-site scripting XSS vulnerability in /admin/articles/create...
CVE-2024-54774
Dcat Admin v2.2.0-beta contains a cross-site scripting (XSS) vulnerability in the /admin/articles/create endpoint. The root cause is the lack of effective filtering and escaping of user-supplied data, enabling an attacker to inject and execute arbitrary web script or HTML. Public references in mu...
CVE-2024-54774
Dcat Admin v2.2.0-beta contains a cross-site scripting XSS vulnerability in /admin/articles/create...
CVE-2024-54775
Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting XSS vulnerability via /admin/auth/menu and /admin/auth/extensions...
CVE-2024-54775
Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting XSS vulnerability via /admin/auth/menu and /admin/auth/extensions...
PT-2024-36417 · Unknown · Dcat-Admin
Name of the Vulnerable Software and Affected Versions: Dcat-Admin versions 2.2.0-beta through 2.2.2-beta Description: The issue is a Cross-Site Scripting XSS vulnerability. It can be exploited via the "/admin/auth/menu" and "/admin/auth/extensions" API endpoints. Recommendations: For versions...
CVE-2024-54775
Dcat-Admin versions 2.2.0-beta and 2.2.2-beta are affected by a Cross-Site Scripting (XSS) vulnerability exposed via the /admin/auth/menu and /admin/auth/extensions endpoints. The issue is described across multiple sources as XSS; some entries (Snyk) attribute the vulnerability to improper saniti...
CVE-2024-54775
Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting XSS vulnerability via /admin/auth/menu and /admin/auth/extensions...
CVE-2024-54774
Dcat Admin v2.2.0-beta contains a cross-site scripting XSS vulnerability in /admin/articles/create...
GHSA-MR24-CF69-5CHQ dcat-admin Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box...
dcat-admin Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box...
CVE-2024-29644
Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box...
Dcat Admin 安全漏洞
Dcat Admin is a backend system builder based on the secondary development of laravel-admin by Jiang Qinghua's personal developer. A security vulnerability exists in Dcat Admin v.2.1.3 and earlier versions. The vulnerability can be exploited by remote attackers to execute arbitrary code in the use...