Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/12/11 12:3 a.m.4 views

CVE-2025-64030

Eximbills Enterprise 4.1.5 Built on 2020-10-30 is vulnerable to authenticated stored cross-site scripting CWE-79 via the /EximBillWeb/servlets/WSTrxManager endpoint. Unsanitized user input in the TMPLINFO parameter is stored server-side and rendered to other users, enabling arbitrary JavaScript...

5.4CVSS6.3AI score0.00201EPSS
Exploits1References1
OSV
OSV
added 2025/12/01 3:15 p.m.5 views

CVE-2025-64030

Eximbills Enterprise 4.1.5 Built on 2020-10-30 is vulnerable to authenticated stored cross-site scripting CWE-79 via the /EximBillWeb/servlets/WSTrxManager endpoint. Unsanitized user input in the TMPLINFO parameter is stored server-side and rendered to other users, enabling arbitrary JavaScript...

5.4CVSS5.9AI score0.00201EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/01 12:0 a.m.2 views

CVE-2025-64030

Eximbills Enterprise 4.1.5 Built on 2020-10-30 is vulnerable to authenticated stored cross-site scripting CWE-79 via the /EximBillWeb/servlets/WSTrxManager endpoint. Unsanitized user input in the TMPLINFO parameter is stored server-side and rendered to other users, enabling arbitrary JavaScript...

5.9AI score0.00201EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.3 views

PT-2025-48448

Eximbills Enterprise 4.1.5 Built on 2020-10-30 is vulnerable to authenticated stored cross-site scripting CWE-79 via the /EximBillWeb/servlets/WSTrxManager endpoint. Unsanitized user input in the TMPL INFO parameter is stored server-side and rendered to other users, enabling arbitrary JavaScript...

6.3AI score0.00201EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/01 12:0 a.m.6 views

China Systems Eximbills Enterprise 安全漏洞

China Systems Eximbills Enterprise is a trade finance system from China Systems, a Chinese company. A security vulnerability exists in China Systems Eximbills Enterprise version 4.1.5, which stems from an uncleaned user input for the TMPLINFO parameter and could lead to a stored cross-site...

5.4CVSS5.9AI score0.00201EPSS
Exploits1References3
CVE
CVE
added 2025/12/01 12:0 a.m.9 views

CVE-2025-64030

Eximbills Enterprise 4.1.5 (built 2020-10-30) is vulnerable to authenticated stored cross-site scripting (CWE-79) via the /EximBillWeb/servlets/WSTrxManager endpoint. Unsanitized input in the TMPL_INFO parameter is stored server-side and rendered to other users, enabling arbitrary JavaScript exec...

5.4CVSS5.9AI score0.00201EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder