Lucene search
K

159 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:38 a.m.3 views

SUSE CVE-2017-15088

plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote attackers to execute arbitrary code or cause a denial of service buffer overflow and application crash in situations involving untrusted X.509 data,...

7.5CVSS9.8AI score0.0837EPSS
Exploits0References21
Veracode
Veracode
added 2023/02/08 8:47 a.m.18 views

Cross-Site Scripting (XSS)

modoboa is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to a lack of santization in the name fields while creating accounts, which allows an attacker to inject and execute arbitrary JavaScript when viewing the logs and identities pages...

5.4CVSS5.5AI score0.00498EPSS
Exploits1References5Affected Software1
Snyk
Snyk
added 2023/01/15 9:5 a.m.3 views

Integer Overflow or Wraparound

Overview publifycore is a Core engine for the Publify blogging system, formerly known as Typo. Affected versions of this package are vulnerable to Integer Overflow or Wraparound in app/models/user.rb, which allows attackers to cause denial of service by supplying an excessively long name value fo...

9.8CVSS6.8AI score0.30778EPSS
Exploits1References2
OSV
OSV
added 2023/01/11 4:15 a.m.6 views

CVE-2023-22959

WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php txtFirstName, txtLastName...

8.8CVSS5.8AI score0.13703EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/11/30 12:0 a.m.5 views

PT-2022-26368 · Sourcecodester · Sourcecodester Event Registration System

Name of the Vulnerable Software and Affected Versions: SourceCodester Event Registration System version 1.0 Description: A vulnerability has been found in the SourceCodester Event Registration System, allowing for cross site scripting through the manipulation of the First Name/Last Name argument ...

6.1CVSS6AI score0.00335EPSS
Exploits0References6
OSV
OSV
added 2022/10/27 10:15 a.m.3 views

CVE-2022-3716

A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /omos/admin/?page=user/list. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site...

5.4CVSS3.9AI score0.00328EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/10/27 10:15 a.m.4 views

CVE-2022-3716

A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /omos/admin/?page=user/list. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site...

5.4CVSS4AI score0.00328EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/10/17 12:15 p.m.4 views

CVE-2022-3547

A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /csms/admin/?page=systeminfo of the component Setting Handler. The manipulation of the argument System Name/System Short Name lead...

4.8CVSS3.8AI score0.0049EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/10/17 12:0 a.m.4 views

Simple Cold Storage Management System 跨站脚本漏洞

Simple Cold Storage Management System is a simple cold storage management system by Carlo Montero, an individual developer. A security vulnerability exists in Simple Cold Storage Management System version 1.0, which stems from some unknown functionality in the /csms/admin/?page=user/list file,...

4.8CVSS4.8AI score0.00515EPSS
Exploits0References3
OSV
OSV
added 2022/10/15 10:15 a.m.2 views

CVE-2022-3518

A vulnerability classified as problematic has been found in SourceCodester Sanitization Management System 1.0. Affected is an unknown function of the component User Creation Handler. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is possible to...

4.8CVSS3.9AI score0.00521EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/10/15 12:0 a.m.7 views

PT-2022-22620 · Sourcecodester · Sanitization Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Sanitization Management System version 1.0 Description: A problematic vulnerability has been found in the User Creation Handler component. The manipulation of the First Name/Middle Name/Last Name argument leads to cross-site...

4.8CVSS4.8AI score0.00521EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/10/13 12:0 a.m.4 views

PT-2022-22439 · Sourcecodester · Sourcecodester Human Resource Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Management System version 1.0 Description: A problematic issue has been found in the Add Employee Handler component, where the manipulation of the First Name/Middle Name/Last Name argument leads to cross-site...

5.4CVSS5.1AI score0.00328EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/13 12:0 a.m.3 views

Human Resource Management System 安全漏洞

Human Resource Management System is a human resource management system by maverickosama Personal Developer. A security vulnerability exists in Human Resource Management System, which originates from an unknown handler in its Add Employee Handler component that operates on the parameters First...

5.4CVSS4.9AI score0.00328EPSS
Exploits0References3
OSV
OSV
added 2022/05/26 5:15 p.m.5 views

CVE-2022-30494

In oretnom23 Automotive Shop Management System v1.0, the first and last name user fields suffer from a stored XSS Injection Vulnerability allowing remote attackers to gain admin access and view internal IPs...

5.4CVSS6.1AI score0.00596EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/05/18 12:0 a.m.6 views

ToolJet 跨站脚本漏洞

A code injection vulnerability exists in ToolJet v0.6.0 through v1.10.2, which stems from a lack of data validation filtering of user-supplied data and output in the first and last name fields of the invitation email. An attacker could exploit this vulnerability to inject malicious code when...

5.4CVSS5.7AI score0.00588EPSS
Exploits1References3
OSV
OSV
added 2022/03/29 6:15 a.m.4 views

CVE-2022-1076

A vulnerability was found in Automatic Question Paper Generator System 1.0. It has been classified as problematic. This affects the file /aqpg/users/login.php of the component My Account Page. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is...

6.1CVSS4.3AI score
Exploits0References1
OSV
OSV
added 2021/12/27 11:15 a.m.5 views

CVE-2021-24797

The Tickera WordPress plugin before 3.4.8.3 does not properly sanitise and escape the Name fields of booked Events before outputting them in the Orders admin dashboard, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins...

6.1CVSS5.8AI score0.01167EPSS
Exploits2References1
CNNVD
CNNVD
added 2021/12/20 12:0 a.m.7 views

MartDevelopers iResturant 跨站脚本漏洞

MartDevelopers iResturant is an open source lightweight restaurant Erp from MartDevelopers Kenya. for integrating social restaurant operations into one system. A cross-site scripting vulnerability exists in MartDevelopers iResturant version 1.0, which stems from a lack of effective filtering and...

5.4CVSS5.8AI score0.00664EPSS
Exploits0References3
OSV
OSV
added 2021/09/09 12:15 p.m.3 views

CVE-2021-36870

Multiple Authenticated Persistent Cross-Site Scripting XSS vulnerabilities in WordPress WP Google Maps plugin versions = 8.1.12. Vulnerable parameters: &datasetname, &wpgmzagdprretentionpurpose, &wpgmzagdprcompanyname, &name 2, &name, &polyname 2, &polyname, &address...

5.4CVSS5.8AI score0.00585EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/12 12:0 a.m.4 views

WordPress 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A code injection vulnerability exists in the WordPress...

6.1CVSS5.5AI score0.01242EPSS
Exploits2References2
Rows per page
Query Builder