Lucene search
K

272 matches found

CNNVD
CNNVD
added 2026/02/05 12:0 a.m.12 views

Nsasoft Nsauditor 安全漏洞

Nsasoft Nsauditor is a network security software developed by the American company Nsasoft. Version Nsasoft Nsauditor 3.2.0.0 contains a security vulnerability. This vulnerability stems from improper handling of the registered name input field, which may lead to application crashes...

7.5CVSS5.8AI score0.00455EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.5 views

PT-2026-6574

Name of the Vulnerable Software and Affected Versions Nsauditor version 3.2.0.0 Description The software contains a denial of service condition in the registration name input field. An attacker can cause the application to crash by providing a malicious payload of 1000 bytes of repeated character...

7.5CVSS5.5AI score0.00455EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/02/01 12:56 p.m.34 views

CVE-2022-50952 Banco Guayaquil 8.0.0 Mobile iOS Cross-Site Scripting via Profile Name Input

Banco Guayaquil 8.0.0 mobile iOS application contains a persistent cross-site scripting vulnerability in the TextBox Name Profile input. Attackers can inject malicious script code through a POST request that executes on application review without user interaction...

6.4CVSS0.00243EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/01 12:56 p.m.5 views

CVE-2022-50952 Banco Guayaquil 8.0.0 Mobile iOS Cross-Site Scripting via Profile Name Input

Banco Guayaquil 8.0.0 mobile iOS application contains a persistent cross-site scripting vulnerability in the TextBox Name Profile input. Attackers can inject malicious script code through a POST request that executes on application review without user interaction...

6.4CVSS5.1AI score0.00243EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/31 12:30 a.m.6 views

EUVD-2020-30936

Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the 'Find Computer' feature that allows attackers to execute arbitrary code by overflowing the computer name input field. Attackers can craft a malicious payload that triggers a buffer overflow, enabling code executio...

8.4CVSS6.6AI score0.00188EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/30 10:7 p.m.22 views

CVE-2020-37042 Frigate Professional 3.36.0.9 - 'Find Computer' Local Buffer Overflow

Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the 'Find Computer' feature that allows attackers to execute arbitrary code by overflowing the computer name input field. Attackers can craft a malicious payload that triggers a buffer overflow, enabling code executio...

8.4CVSS0.00188EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/30 4:16 p.m.5 views

CVE-2020-37014 Tryton 5.4 - Persistent Cross-Site Scripting

Tryton 5.4 contains a persistent cross-site scripting vulnerability in the user profile name input that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability by inserting script payloads in the name field, which execute in the frontend and backend user...

6.4CVSS5.9AI score0.00311EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.6 views

PT-2026-5482

Name of the Vulnerable Software and Affected Versions Frigate Professional version 3.36.0.9 Description Frigate Professional 3.36.0.9 contains a local buffer overflow in the 'Find Computer' feature. An attacker can execute arbitrary code by overflowing the computer name input field. A malicious...

8.4CVSS6.1AI score0.00188EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/28 11:58 a.m.28 views

CVE-2025-59896 Authenticated Cross-Site Scripting (XSS) vulnerability in Sync Breeze Enterprise Server

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site Scripting XSS vulnerability. An attacker could send malicious content to an authenticated user and steal information from their session due to insufficient validation of user...

5.1CVSS0.00173EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.6 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in the HFS filesystem. When reading the name of an HFS volume during the grubfsmount function, the HFS filesystem driver uses the user-provided volume name as input without properly verifying the length of that name. This issue may lead to a heap-based out-of-bounds write...

7.8CVSS6.7AI score0.002EPSS
Exploits0References3
NVD
NVD
added 2026/01/25 1:15 p.m.7 views

CVE-2020-36931

Click2Magic 1.1.5 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts in the chat name input. Attackers can craft a malicious payload in the chat name to capture administrator cookies when the admin processes user requests...

6.4CVSS0.00251EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/25 12:24 p.m.4 views

CVE-2020-36931

Click2Magic 1.1.5 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts in the chat name input. Attackers can craft a malicious payload in the chat name to capture administrator cookies when the admin processes user requests...

6.4CVSS5.8AI score0.00251EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/25 12:24 p.m.35 views

CVE-2020-36931 Click2Magic 1.1.5 - Stored Cross-Site Scripting

Click2Magic 1.1.5 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts in the chat name input. Attackers can craft a malicious payload in the chat name to capture administrator cookies when the admin processes user requests...

6.4CVSS0.00251EPSS
Exploits0References4
CVE
CVE
added 2026/01/25 12:24 p.m.8 views

CVE-2020-36931

Click2Magic 1.1.5 is affected by a stored cross-site scripting vulnerability in the chat name input. The condition allows attackers to inject scripts that can capture administrator cookies when the admin processes user requests. Reported CVSS details indicate Medium severity (CVSSv4 = 5.1; CVSSv3...

6.4CVSS5AI score0.00251EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/25 12:24 p.m.6 views

EUVD-2026-4632

Click2Magic 1.1.5 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts in the chat name input. Attackers can craft a malicious payload in the chat name to capture administrator cookies when the admin processes user requests...

6.4CVSS5AI score0.00251EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/25 12:0 a.m.6 views

PT-2026-4649

Click2Magic 1.1.5 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts in the chat name input. Attackers can craft a malicious payload in the chat name to capture administrator cookies when the admin processes user requests...

6.4CVSS5AI score0.00251EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/01/23 4:47 p.m.4 views

CVE-2021-47893

AgataSoft PingMaster Pro 2.1 contains a denial of service vulnerability in the Trace Route feature that allows attackers to crash the application by overflowing the host name input field. Attackers can generate a 10,000-character buffer and paste it into the host name field to trigger an...

7.5CVSS6AI score0.00252EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/01/20 11:53 a.m.21 views

CVE-2025-40679 HTML injection in Isshue from Bdtask

HTML Injection vulnerability in Isshue by Bdtask, consisting os an HTML injection due to a lack os proper validation of user input by sending a POST request to '/categoryproductsearch', affecting the 'productname' parameter...

5.1CVSS0.00262EPSS
Exploits0References1
CVE
CVE
added 2026/01/20 11:53 a.m.13 views

CVE-2025-40679

CVE-2025-40679 describes an HTML injection in Isshue by Bdtask resulting from insufficient validation of the product_name input in a POST to /category_product_search (or variant paths in connected records). Affected component is the Isshue module of Bdtask software; root cause is improper input v...

5.1CVSS5.5AI score0.00262EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:25 a.m.7 views

CVE-2021-28160

Wireless-N WiFi Repeater REV 1.0 28.08.06.1 suffers from a reflected XSS vulnerability due to unsanitized SSID value when the latter is displayed in the /repeater.html page "Repeater Wizard" homepage section...

6.1CVSS6.3AI score0.00818EPSS
Exploits1References1
Rows per page
Query Builder