Lucene search
K

7210 matches found

NVD
NVD
added 2023/09/28 5:15 a.m.9 views

CVE-2023-44276

OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard...

5.4CVSS5.3AI score0.00501EPSS
Exploits1References3
NVD
NVD
added 2023/09/28 3:15 a.m.9 views

CVE-2023-41446

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component...

6.1CVSS6.4AI score0.008EPSS
Exploits1References3
NVD
NVD
added 2023/09/28 3:15 a.m.14 views

CVE-2023-41447

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the subcmd parameter in the index.php component...

6.1CVSS6.4AI score0.008EPSS
Exploits1References3
Prion
Prion
added 2023/09/28 3:15 a.m.17 views

Cross site scripting

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the subcmd parameter in the index.php component...

5.8CVSS6.3AI score0.008EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/09/28 3:15 a.m.18 views

Cross site scripting

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component...

5.8CVSS6.3AI score0.008EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/28 12:0 a.m.14 views

CVE-2023-44276

OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard...

5.9AI score0.00501EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/09/28 12:0 a.m.18 views

CVE-2023-41446

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component...

6.5AI score0.008EPSS
Exploits1References3
CVE
CVE
added 2023/09/28 12:0 a.m.117 views

CVE-2023-44276

OPNsense before 23.7.5 is vulnerable to XSS via the index.php?sequence parameter in the Lobby Dashboard. Root cause: insufficient input handling for the sequence parameter in that endpoint. Impact: cross-site scripting may affect users viewing the Lobby Dashboard. Mitigation: upgrade to version 2...

5.4CVSS5.2AI score0.00501EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/09/28 12:0 a.m.56 views

CVE-2023-41446

CVE-2023-41446 affects phpkobo AjaxNewTicker version 1.0.5. The vulnerability is a Cross Site Scripting flaw in the index.php component, exploitable via a crafted script in the title parameter to trigger arbitrary code execution. The NVD/CVE entry rates it as CVSS v3.1 Base Score 6.1 (Medium) wit...

6.1CVSS6.4AI score0.008EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/09/28 12:0 a.m.144 views

CVE-2023-44275

OPNsense

5.4CVSS5.2AI score0.00501EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2023/09/27 11:15 p.m.5 views

CVE-2023-41453

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component...

6.1CVSS6.1AI score0.008EPSS
Exploits1References3
NVD
NVD
added 2023/09/27 11:15 p.m.12 views

CVE-2023-41451

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component...

6.1CVSS6.4AI score0.008EPSS
Exploits1References3
NVD
NVD
added 2023/09/27 11:15 p.m.15 views

CVE-2023-41448

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the ID parameter in the index.php component...

6.1CVSS6.4AI score0.00835EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/09/27 11:15 p.m.6 views

CVE-2023-41452

Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component...

8.8CVSS7.8AI score0.0059EPSS
Exploits1References4
NVD
NVD
added 2023/09/27 11:15 p.m.16 views

CVE-2023-41452

Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component...

8.8CVSS8.8AI score0.0059EPSS
Exploits1References3
NVD
NVD
added 2023/09/27 11:15 p.m.16 views

CVE-2023-41445

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the index.php component...

6.1CVSS6.4AI score0.00745EPSS
Exploits1References3
Prion
Prion
added 2023/09/27 11:15 p.m.17 views

Cross site scripting

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component...

5.8CVSS6.3AI score0.008EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/09/27 11:15 p.m.15 views

Cross site request forgery (csrf)

Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component...

6.8CVSS8.8AI score0.0059EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/09/27 3:19 p.m.8 views

CVE-2023-44043

A reflected cross-site scripting XSS vulnerability in /install/index.php of Black Cat CMS 1.4.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website title parameter...

6.1CVSS6AI score0.00482EPSS
Exploits1References2
CVE
CVE
added 2023/09/27 1:31 p.m.59 views

CVE-2023-5221

ForU CMS contains a code injection vulnerability in /install/index.php via manipulation of the db_name argument. The issue allows remote code execution and has been publicly disclosed. Impact is tied to confidentiality, integrity, and availability at HIGH/CRITICAL levels per CVE-2023-5221, with m...

9.8CVSS6.3AI score0.013EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder