Lucene search
K

73 matches found

OSV
OSV
added 2024/08/07 11:58 p.m.4 views

MAL-2024-7954 Malicious code in ember-unified-navbar-360 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca611162af2d36d894266f588a4b191ac6301ab46e3e99e9efcc6bcbf7fd1803 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/03/16 3:15 p.m.6 views

CVE-2024-2519

A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. It has been classified as problematic. Affected is an unknown function of the file navbar.php. The manipulation of the argument id leads to cross site scripting. It is possible to launch the attack remotely...

6.1CVSS3.8AI score0.00385EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/16 12:0 a.m.4 views

Online-College-Event-Hall-Reservation-System Cross-Site Scripting Vulnerability

Online-College-Event-Hall-Reservation-System is an online college event hall reservation system by Magesh K individual developer. Designed to automate the hall booking process to eliminate manual logging and increase efficiency. A cross-site scripting vulnerability exists in...

6.1CVSS6.1AI score0.00385EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/03/16 12:0 a.m.9 views

PT-2024-20805 · Unknown · Magesh-K21 Online-College-Event-Hall-Reservation-System

Name of the Vulnerable Software and Affected Versions: MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0 Description: A problematic issue was found in the system, affecting an unknown function of the file navbar.php. The manipulation of the id argument leads to cross-site...

6.1CVSS6.7AI score0.00385EPSS
Exploits0References5
OSV
OSV
added 2024/01/10 4:15 p.m.3 views

CVE-2023-48730

A cross-site scripting xss vulnerability exists in the navbarMenuAndLogo.php user name functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to trigger this vulnerabilit...

5.4CVSS7.3AI score0.00581EPSS
Exploits0References2
Prion
Prion
added 2024/01/10 4:15 p.m.23 views

Cross site scripting

A cross-site scripting xss vulnerability exists in the navbarMenuAndLogo.php user name functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to trigger this vulnerabilit...

4.9CVSS6.6AI score0.00581EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/10 3:48 p.m.4 views

CVE-2023-48730

A cross-site scripting xss vulnerability exists in the navbarMenuAndLogo.php user name functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary Javascript execution. An attacker can get a user to visit a webpage to trigger this vulnerabilit...

8.5CVSS6.5AI score0.00581EPSS
Exploits0References1
OSV
OSV
added 2023/09/19 11:15 p.m.4 views

CVE-2023-40932

A Cross-site scripting XSS vulnerability in Nagios XI version 5.11.1 and below allows authenticated attackers with access to the custom logo component to inject arbitrary javascript or HTML via the alt-text field. This affects all pages containing the navbar including the login page which means t...

5.4CVSS5.8AI score0.01984EPSS
Exploits0References3
Prion
Prion
added 2023/09/19 11:15 p.m.25 views

Cross site scripting

A Cross-site scripting XSS vulnerability in Nagios XI version 5.11.1 and below allows authenticated attackers with access to the custom logo component to inject arbitrary javascript or HTML via the alt-text field. This affects all pages containing the navbar including the login page which means t...

4.9CVSS5.2AI score0.01984EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/03/09 9:15 p.m.2 views

CVE-2023-27211

A cross-site scripting XSS vulnerability in /admin/navbar.php of Online Pizza Ordering System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the page parameter...

6.1CVSS5.9AI score0.00434EPSS
Exploits1References2
Prion
Prion
added 2023/03/09 9:15 p.m.17 views

Cross site scripting

A cross-site scripting XSS vulnerability in /kruxton/navbar.php of Best POS Management System 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the page parameter...

5.8CVSS5.9AI score0.00434EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/03/09 12:0 a.m.5 views

Best POS Management System 跨站脚本漏洞

Best pos management system is a best pos management system by Mayuri K. Personal developer. A security vulnerability exists in Best POS Management System version 1.0, which originates from a cross-site scripting XSS vulnerability in /kruxton/navbar.php, which can be exploited by an attacker to...

6.1CVSS6.2AI score0.00434EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/03/09 12:0 a.m.4 views

Online Pizza Ordering System 跨站脚本漏洞

Online Pizza Ordering System is an online pizza ordering system by Carlo Montero, a personal developer. A security vulnerability exists in Online Pizza Ordering System version 1.0, which originates from a cross-site scripting XSS vulnerability in /admin/navbar.php, which can be exploited by an...

6.1CVSS6.3AI score0.00434EPSS
Exploits1References3
NVD
NVD
added 2023/02/06 3:15 p.m.23 views

CVE-2023-24194

Online Food Ordering System v2 was discovered to contain a cross-site scripting XSS vulnerability via the page parameter in navbar.php...

6.1CVSS6AI score0.00486EPSS
Exploits1References2
OSV
OSV
added 2023/02/06 3:15 p.m.4 views

CVE-2023-24194

Online Food Ordering System v2 was discovered to contain a cross-site scripting XSS vulnerability via the page parameter in navbar.php...

6.1CVSS6.3AI score0.00486EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/02/06 12:0 a.m.4 views

PT-2023-19469 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version v2 Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability is present in the page parameter in the navbar.php file. Cross-site scripting XSS is a type of security...

6.1CVSS5.9AI score0.00486EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.5 views

PT-2022-25072 · Frappe · Frappe

Name of the Vulnerable Software and Affected Versions: Frappe affected versions not specified Description: A problematic issue was found in Frappe, affecting some unknown functionality of the file frappe/templates/includes/navbar/navbar search.html of the component Search. The manipulation of the...

6.1CVSS6AI score0.00585EPSS
Exploits0References5
OSV
OSV
added 2022/06/24 9:15 p.m.3 views

CVE-2022-32996

The django-navbar-client package of v0.9.50 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS6.2AI score0.01857EPSS
Exploits1References3
NVD
NVD
added 2022/06/24 9:15 p.m.14 views

CVE-2022-32996

The django-navbar-client package of v0.9.50 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS0.01857EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/06/24 9:15 p.m.2 views

CVE-2022-32996

The django-navbar-client package of v0.9.50 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS6.2AI score0.01857EPSS
Exploits1References4
Rows per page
Query Builder