Lucene search
+L

276 matches found

Cvelist
Cvelist
added 2024/03/28 12:0 a.m.27 views

CVE-2024-31064

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the First Name input field...

7.2AI score0.00656EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/03/28 12:0 a.m.11 views

CVE-2024-31061

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Last Name input field...

7.5AI score0.00852EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/02/09 12:0 a.m.5 views

Zabbix Cross-Site Scripting Vulnerability

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. A cross-site scripting vulnerability exists in Zabbix, which stems from improper validation of the input field "Name"...

5.5CVSS6.2AI score0.00659EPSS
Exploits1References2
OSV
OSV
added 2024/01/30 1:15 a.m.3 views

CVE-2024-1024

A vulnerability has been found in SourceCodester Facebook News Feed Like 1.0 and classified as problematic. This vulnerability affects unknown code of the component New Account Handler. The manipulation of the argument First Name/Last Name with the input alert1 leads to cross site scripting. The...

6.1CVSS3.8AI score0.00312EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/30 12:0 a.m.12 views

PT-2024-16132 · Sourcecodester · Sourcecodester Facebook News Feed Like

Name of the Vulnerable Software and Affected Versions: SourceCodester Facebook News Feed Like version 1.0 Description: A problematic issue has been found, affecting the New Account Handler component. The manipulation of the First Name/Last Name argument with the input alert1 leads to cross-site...

6.1CVSS4.3AI score0.00312EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/01/09 12:0 a.m.5 views

Tenda A18 安全漏洞

Tenda A18 is an AC1200 dual-band Wi-Fi repeater from China's Tenda. A buffer overflow vulnerability exists in Tenda A18 version v15.13.07.09, which originates from the devName parameter in the formSetDeviceName function failing to correctly validate the length of the input data, and can be...

9.8CVSS8.2AI score0.00701EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/01/06 12:0 a.m.16 views

PT-2024-15426 · Unknown · Project Worlds Online Lawyer Management System

Name of the Vulnerable Software and Affected Versions: Project Worlds Online Lawyer Management System version 1.0 Description: A vulnerability has been found in the User Registration component of the system. The manipulation of the First Name argument leads to cross-site scripting. It is possible...

5.4CVSS6.6AI score0.00683EPSS
Exploits1References7
OSV
OSV
added 2023/11/26 11:15 p.m.5 views

CVE-2023-6297

A vulnerability classified as problematic has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file patient-search-report.php of the component Search Report Page. The manipulation of the argument Search By Patient Name with the input...

6.1CVSS3.8AI score0.00751EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/10/22 12:0 a.m.7 views

PT-2023-32272 · Codeastro · Codeastro Internet Banking System

Name of the Vulnerable Software and Affected Versions: CodeAstro Internet Banking System version 1.0 Description: A problematic issue has been found in the CodeAstro Internet Banking System, affecting the processing of the file pages view client.php. The manipulation of the acc name argument with...

6.1CVSS6.6AI score0.00505EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2023/10/02 12:0 a.m.10 views

The vulnerability of the Reports component in the Nozomi Guardian network activity detection and tracking tool, as well as the Nozomi Central Management Console (CMC), allows a malicious actor to trigger a service failure.

The vulnerability of the Reports component of the Nozomi Guardian network activity detection and tracking tool, as well as the Nozomi Central Management Console CMC, relates to the issue of saving reports with a null name due to insufficient validation of input data. Exploiting this vulnerability...

4.3CVSS5.5AI score0.00453EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2023/08/11 2:15 p.m.16 views

Cross site scripting

Cross Site Scripting XSS vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code...

5.8CVSS6.2AI score0.00456EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/11 12:0 a.m.29 views

CVE-2020-24075

Cross Site Scripting XSS vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code...

6.2AI score0.00456EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/11 12:0 a.m.14 views

CVE-2020-24075

Cross Site Scripting XSS vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code...

6.5AI score0.00456EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/07/31 12:0 a.m.5 views

PT-2023-4163 · Webmin +1 · Webmin +1

Name of the Vulnerable Software and Affected Versions: Webmin version 2.021 Description: A Stored Cross-Site Scripting XSS issue was discovered in the Users and Groups functionality. This occurs when an authenticated user adds a new user and inserts an XSS payload into the user's real name. The...

5.8CVSS5.3AI score0.00405EPSS
Exploits1References10
OSV
OSV
added 2023/05/08 1:15 p.m.4 views

CVE-2023-2574

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the device name input field, which can be triggered by authenticated users via a crafted POST request...

8.8CVSS5.8AI score0.04751EPSS
Exploits2References6
Vulnrichment
Vulnrichment
added 2023/05/08 12:28 p.m.13 views

CVE-2023-2574 Authenticated Command Injection

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the device name input field, which can be triggered by authenticated users via a crafted POST request...

8.8CVSS8.7AI score0.04751EPSS
Exploits2References6
Prion
Prion
added 2023/04/25 1:15 p.m.24 views

Design/Logic Flaw

ChurchCRM 4.5.3 was discovered to contain a CSV injection vulnerability via the Last Name and First Name input fields when creating a new person. These vulnerabilities allow attackers to execute arbitrary code via a crafted excel file...

4.4CVSS7.9AI score0.00437EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.7 views

PT-2023-22785 · Archery · Archery

Name of the Vulnerable Software and Affected Versions: Archery affected versions not specified Description: The Archery project contains multiple SQL injection vulnerabilities that may allow an attacker to query the connected databases. User input coming from the db name in the sql/data...

6.5CVSS6.9AI score0.00835EPSS
Exploits1References4
OSV
OSV
added 2023/04/05 8:15 a.m.6 views

CVE-2023-1857

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/?page=product/manageproduct&id=2. The manipulation of the argument Product Name leads to cross site scripting. Th...

6.1CVSS3.8AI score0.00611EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.6 views

SUSE CVE-2014-8630

Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a two-argument Perl open call, as demonstrated by...

6.5CVSS7.3AI score0.0204EPSS
Exploits0References3
Rows per page
Query Builder