102 matches found
EUVD-2021-12904
Malware in sbrugna...
EUVD-2019-7946
Malware in sbrugna...
EUVD-2005-2862
Malware in sbrugna...
Cross-site Scripting (XSS)
Overview behavex is an Agile testing framework on top of Behave BDD. Affected versions of this package are vulnerable to Cross-site Scripting XSS via when rendering step.text in the HTML report template. An attacker can inject arbitrary HTML or JavaScript in the context of a user's browser by...
windows-privesc-check
It is an offensive tool for Windows privilege escalation checking. The tool, windows-privesc-check, is a standalone executable that runs on Windows systems, attempting to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or access local apps. I...
Malicious code in html-report (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 76dfd70352bf673a00030f6d35ad320bc633fad730881d95d897d878d7ce662b Any computer that has this package installed or running should be considered...
MAL-2025-4562 Malicious code in html-report (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 76dfd70352bf673a00030f6d35ad320bc633fad730881d95d897d878d7ce662b Any computer that has this package installed or running should be considered...
CVE-2024-0720
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2019-17634
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting XSS vulnerability when generating an HTML report from a malicious heap dump. The user must chose todownload, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump coul...
MrHandler - Linux Incident Response Reporting
MR.Handler is a specialized tool designed for responding to security incidents on Linux systems. It connects to target systems via SSH to execute a range of diagnostic commands, gathering crucial information such as network configurations, system logs, user accounts, and running processes. At the...
CVE-2024-0720
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0720
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
Cross site scripting
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0720 FactoMineR FactoInvestigate HTML Report Generator cross site scripting
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0720 FactoMineR FactoInvestigate HTML Report Generator cross site scripting
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-0720
CVE-2024-0720 affects FactoMineR FactoInvestigate up to version 1.9, with the HTML Report Generator component vulnerable to cross-site scripting. The vulnerability is triggered in the HTML Report Generator, can be exploited remotely, and the exploit has been disclosed publicly. Reports from multi...
CVE-2024-22877
StrangeBee TheHive 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting XSS in the case reporting functionality. This feature allows an attacker to insert malicious JavaScript code inside the template or its variables, that will be executed in the context of the TheHive application when the HTML...
Cross site scripting
StrangeBee TheHive 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting XSS in the case reporting functionality. This feature allows an attacker to insert malicious JavaScript code inside the template or its variables, that will be executed in the context of the TheHive application when the HTML...
PT-2024-15779 · Unknown · Factominer Factoinvestigate
Name of the Vulnerable Software and Affected Versions: FactoMineR FactoInvestigate versions up to 1.9 Description: A problematic vulnerability was found in the HTML Report Generator component of FactoMineR FactoInvestigate, leading to cross-site scripting. The manipulation can be launched remotel...
CVE-2024-22877
StrangeBee TheHive 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting XSS in the case reporting functionality. This feature allows an attacker to insert malicious JavaScript code inside the template or its variables, that will be executed in the context of the TheHive application when the HTML...