429 matches found
CVE-2024-4975 code-projects Simple Chat System Message cross site scripting
A vulnerability, which was classified as problematic, has been found in code-projects Simple Chat System 1.0. This issue affects some unknown processing of the component Message Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
PT-2024-33661 · Code Projects · Simple Chat System
Name of the Vulnerable Software and Affected Versions: code-projects Simple Chat System version 1.0 Description: A problematic issue has been found in the Message Handler component, leading to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public...
CVE-2024-4511
A vulnerability classified as critical has been found in Shanghai Sunfull Automation BACnet Server HMI1002-ARM 2.0.4. This affects an unknown part of the component Message Handler. The manipulation leads to buffer overflow. The exploit has been disclosed to the public and may be used. The...
CVE-2024-4511 Shanghai Sunfull Automation BACnet Server HMI1002-ARM Message buffer overflow
A vulnerability classified as critical has been found in Shanghai Sunfull Automation BACnet Server HMI1002-ARM 2.0.4. This affects an unknown part of the component Message Handler. The manipulation leads to buffer overflow. The exploit has been disclosed to the public and may be used. The...
PT-2024-14805 · Honeywell · Honeywell C300
Name of the Vulnerable Software and Affected Versions: Honeywell C300 affected versions not specified Description: The issue is related to a denial of service due to improper handling of a specially crafted message received by the controller. This can be exploited remotely. There is a critical...
PT-2024-6580 · Hikvision · Hikvision Ds-7604Ni-K1/4P +1
Name of the Vulnerable Software and Affected Versions: Hikvision NVRs affected versions not specified Hikvision DS-7604NI-K1/4PB affected versions not specified Description: The issue is related to a NULL dereference pointer vulnerability. It is caused by insufficient validation of a parameter in...
CVE-2024-0189 RRJ Nueva Ecija Engineer Online Portal Create Message teacher_message.php cross site scripting
A vulnerability has been found in RRJ Nueva Ecija Engineer Online Portal 1.0 and classified as problematic. This vulnerability affects unknown code of the file teacher_message.php of the component Create Message Handler. The manipulation of the argument Content with the input alertx leads to cross...
PT-2023-31463 · Unknown · Foundation
Name of the Vulnerable Software and Affected Versions: Foundation platform version 1.0 Description: The issue allows a remote attacker to obtain sensitive information via the Web3 authentication process of Foundation. The signed message lacks a nonce, which is a random number. This flaw may expos...
CVE-2023-6296
A vulnerability was found in osCommerce 4. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /catalog/compare of the component Instant Message Handler. The manipulation of the argument compare with the input 40dz4iq"alert1zohkx leads to cross site...
Cross site scripting
A vulnerability was found in osCommerce 4. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /catalog/compare of the component Instant Message Handler. The manipulation of the argument compare with the input 40dz4iq"alert1zohkx leads to cross site...
CVE-2023-6296 osCommerce Instant Message compare cross site scripting
A vulnerability was found in osCommerce 4. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /catalog/compare of the component Instant Message Handler. The manipulation of the argument compare with the input 40dz4iq"alert1zohkx leads to cross site...
osCommerce Cross-Site Scripting Vulnerability
osCommerce is an open source online shopping e-commerce solution based on the GNU GPL license. A cross-site scripting vulnerability exists in osCommerce 4, which stems from the presence of an unknown function in the file /catalog/compare in the component Instant Message Handler, resulting in a...
PT-2023-9100 · Telit · Telit Cinterion Ehs5/6/8 +1
Name of the Vulnerable Software and Affected Versions: Telit Cinterion EHS5/6/8 affected versions not specified Telit Cinterion BGS5 affected versions not specified Telit Cinterion PDS5/6/8 affected versions not specified Description: A Buffer Copy without Checking Size of Input vulnerability...
CVE-2023-37456
The session restore helper crashed whenever there was no parameter sent to the message handler. This vulnerability affects Firefox for iOS 115...
CVE-2023-2475
A vulnerability was found in Dromara J2eeFAST up to 2.6.0 and classified as problematic. This issue affects some unknown processing of the component System Message Handler. The manipulation of the argument 主题 leads to cross site scripting. The attack may be initiated remotely. The exploit has bee...
Cross site scripting
A vulnerability was found in Dromara J2eeFAST up to 2.6.0 and classified as problematic. This issue affects some unknown processing of the component System Message Handler. The manipulation of the argument 主题 leads to cross site scripting. The attack may be initiated remotely. The exploit has bee...
CVE-2023-2475 Dromara J2eeFAST System Message cross site scripting
A vulnerability was found in Dromara J2eeFAST up to 2.6.0 and classified as problematic. This issue affects some unknown processing of the component System Message Handler. The manipulation of the argument 主题 leads to cross site scripting. The attack may be initiated remotely. The exploit has bee...