Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-3133

Malware in sbrugna...

6.1CVSS6.3AI score0.00705EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-3134

Malware in sbrugna...

9.9CVSS9AI score0.03773EPSS
Exploits1References7
CNVD
CNVD
added 2018/05/15 12:0 a.m.1 views

MyBiz MyProcureNet Cross-Site Scripting Vulnerability

MyBiz MyProcureNet is a procurement process automation solution from MyBiz Solutions Malaysia. A cross-site scripting vulnerability exists in ProxyPage.aspx in MyBiz MyProcureNet version 5.0.0. A remote attacker can exploit this vulnerability to inject malicious client-side script...

6.1CVSS6.3AI score0.00705EPSS
Exploits1References1
0day.today
0day.today
added 2018/05/15 12:0 a.m.79 views

MyBiz MyProcureNet 5.0.0 File Upload / Cross Site Scripting Vulnerabilities

MyBiz MyProcureNet version 5.0.0 suffers from remote file upload and cross site scripting vulnerabilities. title: Arbitrary File Upload & Cross-site scripting product: MyBiz MyProcureNet vulnerable version: 5.0.0 fixed version: unknown CVE number: - impact: Critical homepage: http://www.mybiz.net...

0.1AI score0.03773EPSS
Exploits1
CNVD
CNVD
added 2018/05/15 12:0 a.m.4 views

MyBiz MyProcureNet Arbitrary File Upload Vulnerability

MyBiz MyProcureNet is a procurement process automation solution from MyBiz Solutions Malaysia. A security vulnerability exists in MyBiz MyProcureNet version 5.0.0, which originates from an attacker being able to adjust the 'HiddenFieldControlCustomWhiteListedExtensions' parameter and add arbitrar...

9.9CVSS7.3AI score0.03773EPSS
Exploits1References1
Prion
Prion
added 2018/05/14 11:29 p.m.12 views

Design/Logic Flaw

An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the webserver by an attacker. It is possible for an attacker to upload a script to issue operating system commands. This vulnerability occurs because an attacker is able to adjust the...

9CVSS7.8AI score0.03773EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2018/05/14 11:29 p.m.9 views

CVE-2018-11091

An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the webserver by an attacker. It is possible for an attacker to upload a script to issue operating system commands. This vulnerability occurs because an attacker is able to adjust the...

9.9CVSS7.5AI score0.03773EPSS
Exploits1References5
NVD
NVD
added 2018/05/14 11:29 p.m.16 views

CVE-2018-11090

An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This vulnerability within "ProxyPage.aspx" allows an attacker to inject malicious client side scripting which will be executed in the browser of users if they visit the manipulated site...

6.1CVSS5.9AI score0.00705EPSS
Exploits1References2
Prion
Prion
added 2018/05/14 11:29 p.m.13 views

Cross site scripting

An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This vulnerability within "ProxyPage.aspx" allows an attacker to inject malicious client side scripting which will be executed in the browser of users if they visit the manipulated site...

4.3CVSS5.8AI score0.00705EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2018/05/14 11:0 p.m.53 views

CVE-2018-11090

Affected software: MyBiz MyProcureNet 5.0.0. Vulnerability: Cross-site scripting (XSS) in the ProxyPage.aspx page. Root cause / detail: An attacker can inject malicious client-side scripting that is executed in the browser of users who visit the manipulated site. Impact (as stated): Malicious scr...

6.1CVSS5.8AI score0.00705EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2018/05/14 11:0 p.m.67 views

CVE-2018-11091

CVE-2018-11091 affects MyBiz MyProcureNet 5.0.0. A malicious actor can upload a script by tampering with HiddenFieldControlCustomWhiteListedExtensions, adding an allowed extension (e.g., .asp) so files like secctest.asp are accepted. This enables arbitrary command execution on the webserver and p...

9.9CVSS7.2AI score0.03773EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2018/05/14 11:0 p.m.21 views

CVE-2018-11091

An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the webserver by an attacker. It is possible for an attacker to upload a script to issue operating system commands. This vulnerability occurs because an attacker is able to adjust the...

7.3AI score0.03773EPSS
Exploits1References5
Cvelist
Cvelist
added 2018/05/14 11:0 p.m.20 views

CVE-2018-11090

An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This vulnerability within "ProxyPage.aspx" allows an attacker to inject malicious client side scripting which will be executed in the browser of users if they visit the manipulated site...

5.9AI score0.00705EPSS
Exploits1References2
Rows per page
Query Builder