Lucene search
K

365 matches found

Vulnrichment
Vulnrichment
added 2025/12/15 8:28 p.m.2 views

CVE-2023-53870 Jorani 1.0.3 Cross-Site Scripting Vulnerability via Language Parameter

Jorani 1.0.3 contains a reflected cross-site scripting vulnerability in the language parameter that allows attackers to inject malicious scripts. Attackers can craft XSS payloads in the language parameter to execute arbitrary JavaScript and potentially steal user session information...

5.1CVSS5.7AI score0.003EPSS
Exploits0References3
CVE
CVE
added 2025/12/15 8:28 p.m.7 views

CVE-2023-53870

CVE-2023-53870 concerns Jorani 1.0.3, which has a reflected XSS vulnerability in the language parameter. An attacker can craft XSS payloads in the language parameter to execute arbitrary JavaScript and potentially steal user session information. Public sources in the connected documents consisten...

5.1CVSS5.7AI score0.003EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/15 8:28 p.m.19 views

CVE-2023-53870 Jorani 1.0.3 Cross-Site Scripting Vulnerability via Language Parameter

Jorani 1.0.3 contains a reflected cross-site scripting vulnerability in the language parameter that allows attackers to inject malicious scripts. Attackers can craft XSS payloads in the language parameter to execute arbitrary JavaScript and potentially steal user session information...

5.1CVSS0.003EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.4 views

PT-2025-51288

Name of the Vulnerable Software and Affected Versions Jorani version 1.0.3 Description The software contains a reflected cross-site scripting issue in the language parameter. An attacker can inject malicious scripts by crafting XSS payloads within this parameter, potentially enabling the executio...

5.1CVSS6.1AI score0.003EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/15 12:0 a.m.4 views

Jorani 跨站脚本漏洞

Jorani is a leave management system by Benjamin BALET, an individual developer in France. It is intended to provide a simple workflow for leave and overtime requests for small organizations. A cross-site scripting vulnerability exists in Jorani version 1.0.3, which stems from the presence of...

5.1CVSS6.4AI score0.003EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/13 12:0 a.m.20 views

CVE-2025-60684

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB V9.1.0u.6619B20230130 and NR1800X V9.1.0u.6681B20230703 Router firmware within the cstecgi.cgi binary sub42F32C function. The web interface reads the "lang" parameter and constructs Help URL strings using sprintf into fixed-siz...

0.00518EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/10/31 5:32 p.m.9 views

CVE-2025-62264

Reflected cross-site scripting XSS vulnerability in Languauge Override in Liferay Portal 7.4.3.8 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10, and 7.4 update 4 through update 92 allows remote attackers to inject arbitrary web script or HTML via the...

5.1CVSS0.00221EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/28 7:59 a.m.4 views

CVE-2025-12241

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This impacts the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. The manipulation of the argument lang results in stack-based buffer overflow. It is possible to launch the atta...

9CVSS9AI score0.00927EPSS
Exploits1References1
NVD
NVD
added 2025/10/27 7:15 a.m.5 views

CVE-2025-12241

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This impacts the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. The manipulation of the argument lang results in stack-based buffer overflow. It is possible to launch the atta...

9CVSS0.00927EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/27 7:2 a.m.6 views

EUVD-2025-36127

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This impacts the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. The manipulation of the argument lang results in stack-based buffer overflow. It is possible to launch the atta...

9CVSS8.9AI score0.00927EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/10/27 12:0 a.m.5 views

TOTOLINK A3300R 安全漏洞

The TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK A3300R version 17.0.0cu.557B20221024, which originates from the parameter lang in the file /cgi-bin/cstecgi.cgi that fails to correctly validate the length of the...

9CVSS9AI score0.00927EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-1021

Malware in sbrugna...

7.5CVSS6.2AI score0.0188EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-2045

Malware in sbrugna...

5CVSS6.4AI score0.0344EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2004-1904

Malware in sbrugna...

4.3CVSS6.4AI score0.01946EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-3358

Malware in sbrugna...

7.5CVSS6.3AI score0.03538EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-1631

Malware in sbrugna...

4.3CVSS6.2AI score0.01107EPSS
Exploits7References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-1495

Malware in sbrugna...

7.5CVSS6.4AI score0.02462EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-4642

Malware in sbrugna...

6.8CVSS6.4AI score0.02436EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-7773

Malware in sbrugna...

5.4CVSS5.4AI score0.06483EPSS
Exploits5References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-15234

Malware in sbrugna...

6.5CVSS6.5AI score0.01012EPSS
Exploits1References2
Rows per page
Query Builder