Lucene search
K

191 matches found

Prion
Prion
added 2023/09/20 9:15 p.m.22 views

Cross site scripting

A reflected cross-site scripting XSS vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in '/reset-password'...

5.8CVSS6.1AI score0.00731EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/09/20 12:0 a.m.4 views

PT-2023-26655 · Unknown · Php-Login-System

Name of the Vulnerable Software and Affected Versions: PHP-Login-System version 2.0.1 Description: A reflected cross-site scripting XSS issue allows remote attackers to execute arbitrary JavaScript in a user's web browser. This is achieved by including a malicious payload into the selector...

6.1CVSS6.3AI score0.00731EPSS
Exploits0References6
CVE
CVE
added 2023/09/20 12:0 a.m.61 views

CVE-2023-38876

CVE-2023-38876 describes a reflected XSS in msaad1999’s PHP-Login-System 2.0.1. The vulnerability is triggered by a malicious payload in the selector parameter of the /reset-password endpoint, allowing remote attackers to execute arbitrary JavaScript in a user’s browser. The available sources con...

6.1CVSS6AI score0.00731EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/09/20 12:0 a.m.60 views

CVE-2023-38875

Affected software : msaad1999's PHP-Login-System 2.0.1. Vulnerability : Reflected cross-site scripting (XSS) caused by unsanitized input in the 'validator' parameter of /reset-password. Impact : remote attackers can execute arbitrary JavaScript in a user’s browser, potentially stealing cookies or...

6.1CVSS6AI score0.00824EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/09/20 12:0 a.m.27 views

CVE-2023-38876

A reflected cross-site scripting XSS vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in '/reset-password'...

6.1CVSS6.2AI score0.00731EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/09/20 12:0 a.m.8 views

CVE-2023-38876

A reflected cross-site scripting XSS vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in '/reset-password'...

6.1AI score0.00731EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/09/20 12:0 a.m.9 views

CVE-2023-38875

A reflected cross-site scripting XSS vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'validator' parameter in '/reset-password'...

6.1AI score0.00824EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/20 12:0 a.m.10 views

PT-2023-26654

Name of the Vulnerable Software and Affected Versions msaad1999's PHP-Login-System version 2.0.1 Description A reflected cross-site scripting XSS issue allows remote attackers to execute arbitrary JavaScript in the web browser of a user. This is achieved by including a malicious payload into the...

6.1CVSS5.6AI score0.00824EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/09/20 12:0 a.m.5 views

PHP-Login-System Cross-Site Scripting Vulnerability

PHP-Login-System is a web application. A security vulnerability exists in PHP-Login-System version 2.0.1, which stems from a vulnerability that allows a remote attacker to execute arbitrary JavaScript - passwords in a user's web browser by including a malicious load in the validator parameter in...

6.1CVSS7.3AI score0.00824EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/09/20 12:0 a.m.5 views

PHP-Login-System Cross-Site Scripting Vulnerability

PHP-Login-System is a web application. A security vulnerability exists in PHP-Login-System version 2.0.1. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in a user's web browser...

6.1CVSS7.3AI score0.00731EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/09/20 12:0 a.m.43 views

CVE-2023-38876

A reflected cross-site scripting XSS vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in '/reset-password'...

6.2AI score0.00731EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/20 12:0 a.m.33 views

CVE-2023-38875

A reflected cross-site scripting XSS vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'validator' parameter in '/reset-password'...

6.2AI score0.00824EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/06/21 8:15 p.m.4 views

CVE-2023-33591

User Registration & Login and User Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /admin/search-result.php...

6.1CVSS6.2AI score0.00357EPSS
Exploits0References3
NVD
NVD
added 2023/06/21 8:15 p.m.21 views

CVE-2023-33591

User Registration & Login and User Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /admin/search-result.php...

6.1CVSS6.1AI score0.00357EPSS
Exploits0References2
OSV
OSV
added 2023/06/21 8:15 p.m.6 views

CVE-2023-33591

User Registration & Login and User Management System v1.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /admin/search-result.php...

6.1CVSS6.3AI score0.00357EPSS
Exploits0References2
0day.today
0day.today
added 2023/04/01 12:0 a.m.182 views

GeoVision Camera GV-ADR2701 - Authentication Bypass Vulnerability

Exploit Title: GeoVision Camera GV-ADR2701 - Authentication Bypass Device name: GV-ADR2701 Exploit Author: Chan Nyein Wai Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Firmware Version: V1.0020171215 Tested on: windows 10 Exploitation...

6.8AI score
Exploits0
CNNVD
CNNVD
added 2023/01/07 12:0 a.m.4 views

horus 安全漏洞

horus is a Pyramid Web framework user registration and login system open-sourced by Pylons Project. A security vulnerability exists in Pylons horus. An attacker exploited the vulnerability to cause an observable time discrepancy...

5.3CVSS5.1AI score0.00688EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2022/10/14 5:59 a.m.31 views

CVE-2022-39229

A flaw was found in the Grafana web application. When a user logs into the system, either the username or email address can be used. However, the login system allows both a username and connected email to be registered, which could allow an attacker to prevent a user which has an associated email...

4.3CVSS5.9AI score0.0082EPSS
Exploits0References3
CNVD
CNVD
added 2022/06/09 12:0 a.m.18 views

EGavilan Media User-Registration-and-Login-System-With-Admin-Panel SQL Injection Vulnerability

EGavilan Media User-Registration-and-Login-System-With-Admin-Panel is a user registration and login system with an administrative panel from EGavilan Media. EGavilan Media User-Registration -and-Login-System-With-Admin-Panel version 1.0 contains a SQL injection vulnerability, which stems from...

9.8CVSS5.6AI score0.0122EPSS
Exploits1References1
NVD
NVD
added 2022/06/02 2:15 p.m.31 views

CVE-2021-44096

EGavilan Media User-Registration-and-Login-System-With-Admin-Panel 1.0 is vulnerable to SQL Injection via profileaction - updateuser. This allows a remote attacker to compromise Application SQL database...

9.8CVSS0.0122EPSS
Exploits1References2
Rows per page
Query Builder