11 matches found

ATTACKERKB
added 2026/04/26 1:19 p.m. · 4 views

CVE-2018-25292

Bome Restorator 1793 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can create a malicious payload exceeding 4000 bytes and paste it into the Name input field to trigger an...

CVSS 6.9 · AI score 5.7 · EPSS 0.00137
Exploits 0 · References 4 · Affected Software 1
Positive Technologies
added 2024/11/12 12:0 a.m. · 5 views

PT-2024-34522 · Snipe-It · Snipe-It

Name of the Vulnerable Software and Affected Versions: Snipe-IT version 7.0.13 build 15514. Description: The issue allows a low-privileged attacker to modify their profile name and inject a malicious payload into the Name field. When an administrator later accesses the People Management page,...

CVSS 8 · AI score 7.5 · EPSS 0.00429
Exploits 0 · References 5
ATTACKERKB
added 2023/09/27 3:19 p.m. · 3 views

CVE-2023-43331

A cross-site scripting (XSS) vulnerability in the Add User function of Small CRM v3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

CVSS 5.4 · AI score 6 · EPSS 0.00461
Exploits 1 · References 2
ATTACKERKB
added 2023/05/24 8:15 p.m. · 5 views

CVE-2023-33793

A stored cross-site scripting (XSS) vulnerability in the Create Power Panels (/dcim/power-panels/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

CVSS 5.4 · AI score 6.2 · EPSS 0.00394
Exploits 1 · References 2
ATTACKERKB
added 2023/05/24 8:15 p.m. · 4 views

CVE-2023-33789

A stored cross-site scripting (XSS) vulnerability in the Create Contact Groups (/tenancy/contact-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

CVSS 5.4 · AI score 6.2 · EPSS 0.00394
Exploits 1 · References 2
ATTACKERKB
added 2023/05/24 8:15 p.m. · 5 views

CVE-2023-33785

A stored cross-site scripting (XSS) vulnerability in the Create Rack Roles (/dcim/rack-roles/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

CVSS 5.4 · AI score 6.2 · EPSS 0.00394
Exploits 1 · References 2
ATTACKERKB
added 2022/08/26 9:15 p.m. · 1 view

CVE-2022-36548

Edoc-doctor-appointment-system v1.0.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability at /patient/settings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field...

CVSS 5.4 · AI score 6.2 · EPSS 0.00499
Exploits 1 · References 4
CNNVD
added 2022/08/26 12:0 a.m. · 6 views

Edoc-doctor-appointment-system cross-site scripting vulnerability

Edoc-doctor-appointment-system is a simple web project for e-access by the individual developer HashenUdara. A security vulnerability exists in Edoc-doctor-appointment-system version v1.0.1, which stems from a stored cross-site scripting vulnerability discovered via /patient/settings.php. An attacker...

CVSS 5.4 · AI score 5.8 · EPSS 0.00499
Exploits 1 · References 3
OSV
added 2022/02/16 6:15 p.m. · 4 views

CVE-2022-22853

A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the Name field...

CVSS 5.4 · AI score 5.9 · EPSS 0.00811
Exploits 1 · References 3
RedHat Linux
added 2021/07/13 1:10 p.m. · 4 views

wildfly: XSS via admin console when creating roles in domain mode

A flaw was found in Wildfly. While creating a new role in the domain mode via the admin console, it is possible to add a payload in the name field, leading to a cross-site scripting (XSS) attack. The highest threat from this vulnerability is to confidentiality and integrity...

CVSS 4.8 · AI score 5.7 · EPSS 0.00528
Exploits 0 · References 4
CNNVD
added 2021/05/20 12:0 a.m. · 5 views

Red Hat Wildfly cross-site scripting vulnerability

Red Hat Wildfly is a lightweight JavaEE-based open source application server from Red Hat, Inc. of the United States. A cross-site scripting vulnerability exists in Red Hat Wildfly versions prior to 23.0.2. An attacker can exploit this vulnerability by adding a payload to the name field to...

CVSS 4.8 · AI score 5 · EPSS 0.00528
Exploits 0 · References 12