Lucene search
+L

74 matches found

Github Security Blog
Github Security Blog
added 2024/12/28 12:30 a.m.17 views

Dcat-Admin Cross-Site Scripting (XSS) vulnerability

Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting XSS vulnerability via /admin/auth/menu and /admin/auth/extensions...

4.8CVSS5.8AI score0.00264EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/12/28 12:30 a.m.13 views

GHSA-9Q34-7HFR-H8JM Dcat Admin Cross-site Scripting (XSS) vulnerability

Dcat Admin v2.2.0-beta contains a cross-site scripting XSS vulnerability in /admin/articles/create...

4.8CVSS4.8AI score0.00315EPSS
Exploits1References3
NVD
NVD
added 2024/12/27 10:15 p.m.16 views

CVE-2024-54774

Dcat Admin v2.2.0-beta contains a cross-site scripting XSS vulnerability in /admin/articles/create...

4.8CVSS0.00315EPSS
Exploits1References1
NVD
NVD
added 2024/12/27 10:15 p.m.46 views

CVE-2024-54775

Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting XSS vulnerability via /admin/auth/menu and /admin/auth/extensions...

4.8CVSS0.00264EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/27 12:0 a.m.6 views

PT-2024-36416 · Unknown · Dcat-Admin

Name of the Vulnerable Software and Affected Versions: Dcat Admin version 2.2.0-beta Description: The issue is a cross-site scripting XSS vulnerability. It affects the /admin/articles/create endpoint. Recommendations: For Dcat Admin version 2.2.0-beta, consider disabling access to the...

4.8CVSS4.8AI score0.00315EPSS
Exploits1References11
CNNVD
CNNVD
added 2024/12/27 12:0 a.m.5 views

Dcat Admin 安全漏洞

Dcat Admin is a second development based on laravel-admin to build the backend system tools . A cross-site scripting vulnerability exists in Dcat Admin v2.2.0-beta, which stems from the lack of effective filtering and escaping of user-supplied data in /admin/articles/create, and can be exploited ...

4.8CVSS6AI score0.00315EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/12/27 12:0 a.m.6 views

Dcat Admin 安全漏洞

Dcat Admin is a backend system builder based on the secondary development of laravel-admin by Jiang Qinghua. A security vulnerability exists in Dcat Admin v2.2.0-beta and v2.2.2-beta, which was discovered to contain a cross-site scripting vulnerability via /admin/auth/menu and...

4.8CVSS6AI score0.00264EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/12/27 12:0 a.m.10 views

CVE-2024-54774

Dcat Admin v2.2.0-beta contains a cross-site scripting XSS vulnerability in /admin/articles/create...

5.8AI score0.00315EPSS
Exploits1References1
CVE
CVE
added 2024/12/27 12:0 a.m.55 views

CVE-2024-54774

Dcat Admin v2.2.0-beta contains a cross-site scripting (XSS) vulnerability in the /admin/articles/create endpoint. The root cause is the lack of effective filtering and escaping of user-supplied data, enabling an attacker to inject and execute arbitrary web script or HTML. Public references in mu...

4.8CVSS5.8AI score0.00315EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/12/27 12:0 a.m.17 views

CVE-2024-54774

Dcat Admin v2.2.0-beta contains a cross-site scripting XSS vulnerability in /admin/articles/create...

0.00315EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/27 12:0 a.m.17 views

CVE-2024-54775

Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting XSS vulnerability via /admin/auth/menu and /admin/auth/extensions...

0.00264EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/12/27 12:0 a.m.12 views

CVE-2024-54775

Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting XSS vulnerability via /admin/auth/menu and /admin/auth/extensions...

5.9AI score0.00264EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/12/27 12:0 a.m.6 views

PT-2024-36417 · Unknown · Dcat-Admin

Name of the Vulnerable Software and Affected Versions: Dcat-Admin versions 2.2.0-beta through 2.2.2-beta Description: The issue is a Cross-Site Scripting XSS vulnerability. It can be exploited via the "/admin/auth/menu" and "/admin/auth/extensions" API endpoints. Recommendations: For versions...

4.8CVSS5.3AI score0.00264EPSS
Exploits1References11
CVE
CVE
added 2024/12/27 12:0 a.m.62 views

CVE-2024-54775

Dcat-Admin versions 2.2.0-beta and 2.2.2-beta are affected by a Cross-Site Scripting (XSS) vulnerability exposed via the /admin/auth/menu and /admin/auth/extensions endpoints. The issue is described across multiple sources as XSS; some entries (Snyk) attribute the vulnerability to improper saniti...

4.8CVSS5.8AI score0.00264EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/12/27 12:0 a.m.8 views

CVE-2024-54775

Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting XSS vulnerability via /admin/auth/menu and /admin/auth/extensions...

4.8CVSS5.8AI score0.00264EPSS
Exploits1References3
OSV
OSV
added 2024/12/27 12:0 a.m.5 views

CVE-2024-54774

Dcat Admin v2.2.0-beta contains a cross-site scripting XSS vulnerability in /admin/articles/create...

4.8CVSS5.6AI score0.00315EPSS
Exploits1References3
OSV
OSV
added 2024/03/26 12:31 p.m.6 views

GHSA-MR24-CF69-5CHQ dcat-admin Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box...

6.1CVSS7.2AI score0.00629EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2024/03/26 12:31 p.m.14 views

dcat-admin Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box...

6.1CVSS7.2AI score0.00629EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2024/03/26 12:15 p.m.11 views

CVE-2024-29644

Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box...

6.1CVSS6.9AI score0.00629EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/03/26 12:0 a.m.6 views

Dcat Admin 安全漏洞

Dcat Admin is a backend system builder based on the secondary development of laravel-admin by Jiang Qinghua's personal developer. A security vulnerability exists in Dcat Admin v.2.1.3 and earlier versions. The vulnerability can be exploited by remote attackers to execute arbitrary code in the use...

6.1CVSS7.5AI score0.00629EPSS
Exploits1References4
Rows per page
Query Builder