CVE-2024-47097
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do...
EUVD-2024-55603
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do...
EUVD-2024-55602
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the showSupportExpiredMessage parameter of handleloginform.do...
CVE-2024-47096 Reflected Cross-Site Scripting in Follet School Solutions Destiny
Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the showSupportExpiredMessage parameter of handleloginform.do...
PT-2026-42770
Directory traversal in Follett Software's Destiny Library Manager 22 0 2 rc1 and fixed in v.22.5 AU1 allows remote attackers to read arbitrary system and application files via the image parameter...
PT-2024-32407 · Follett · Follet School Solutions Destiny
Name of the Vulnerable Software and Affected Versions: Follet School Solutions Destiny versions prior to 22.0.1 AU1 Description: The issue allows a remote attacker to run arbitrary client-side code via the expiredSupportMessage parameter of the "handleloginform.do" endpoint. This enables the...
CVE-2023-38826
A Cross Site Scripting (XSS) vulnerability exists in Follet Learning Solutions Destiny through 20.01U. via the handlewpesearchform.do. searchString...
PT-2023-26613 · Follett · Follett Destiny
Name of the Vulnerable Software and Affected Versions: Follet Learning Solutions Destiny versions through 20.0 1U Description: A Cross Site Scripting (XSS) issue exists, allowing exploitation via the "handlewpesearchform.do" endpoint, specifically through the searchString variable. Recommendations:...
3.2 Million Servers Vulnerable to JBoss Attack
Cisco Talos said on Friday that 3.2 million servers are vulnerable to the JBoss flaw used as the initial point of compromise in the recent SamSam ransomware attacks. Worse, researchers said that thousands of servers have already been backdoored. Hardest hit have been K-12 schools running library...