Lucene search
K

113 matches found

Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.10 views

PT-2024-90: Cross-Site Request Forgery (CSRF) and Path Traversal in Netcat CMS (module filemanager)

The vulnerability was identified in Netcat CMS module filemanager, version 6.4 Extra. The vulnerability is related to cross-site request forgery. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the...

8.1CVSS7.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.8 views

PT-2024-87: Reflected Cross-Site Scripting (XSS) in Netcat CMS (stats module)

The vulnerability was identified in Netcat stats module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...

9.3CVSS7.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.12 views

PT-2024-95: Cross-Site Request Forgery (CSRF) and Reflected Cross-Site Scripting (XSS) in Netcat CMS (module netshop)

The vulnerability was identified in Netcat CMS module netshop, version 6.4 Extra. The vulnerability is related to cross-site request forgery. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked...

8.8CVSS7.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.10 views

PT-2024-92: Reflected Cross-Site Scripting (XSS) in Netcat CMS (filemanager module)

The vulnerability was identified in Netcat filemanager module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...

9.3CVSS7.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.9 views

PT-2024-93: Reflected Cross-Site Scripting (XSS) in Netcat CMS (landing module)

The vulnerability was identified in Netcat landing module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...

9.3CVSS7.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.11 views

PT-2024-85: Reflected Cross-Site Scripting (XSS) in Netcat CMS (netshop module)

The vulnerability was identified in Netcat CMS netshop module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...

9.3CVSS7.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.18 views

PT-2024-76: Time-based SQL Injection in Netcat CMS (module comments)

The vulnerability was identified in Netcat CMS module comments, version 6.4 Extra. The discovered vulnerability allows an attacker to read information from the database. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 20.08.2024 Recommendations: Update to version or...

9.4CVSS6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.11 views

PT-2024-94: Cross-Site Request Forgery (CSRF) and Reflected Cross-Site Scripting (XSS) in Netcat CMS (module netshop)

The vulnerability was identified in Netcat CMS module netshop, version 6.4 Extra. The vulnerability is related to cross-site request forgery. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked...

8.8CVSS7.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.19 views

PT-2024-97: Cross-Site Request Forgery (CSRF) and Reflected Cross-Site Scripting (XSS) in Netcat CMS (module netshop)

The vulnerability was identified in Netcat CMS module netshop, version 6.4 Extra. The vulnerability is related to cross-site request forgery. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked...

8.8CVSS7.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.10 views

PT-2024-84: Reflected Cross-Site Scripting (XSS) in Netcat CMS (netshop module)

The vulnerability was identified in Netcat netshop module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...

9.3CVSS7.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.15 views

PT-2024-86: Reflected Cross-Site Scripting (XSS) in Netcat CMS (netshop module)

The vulnerability was identified in Netcat netshop module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...

9.3CVSS7.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.8 views

PT-2024-75: Time-based SQL Injection in Netcat CMS (module messaging)

The vulnerability was identified in Netcat CMS module messaging, version 6.4 Extra. The discovered vulnerability allows an attacker to read information from the database. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 20.08.2024 Recommendations: Update to version or...

9.4CVSS6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.10 views

PT-2024-81: Reflected Cross-Site Scripting (XSS) in Netcat CMS (landing module)

The vulnerability was identified in Netcat landing module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...

9.3CVSS7.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.13 views

PT-2024-83: Reflected Cross-Site Scripting (XSS) in Netcat CMS (netshop module)

The vulnerability was identified in Netcat netshop module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...

9.3CVSS7.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.15 views

PT-2024-80: Reflected Cross-Site Scripting (XSS) in Netcat CMS (comments module)

The vulnerability was identified in Netcat comments module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...

9.3CVSS7.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.15 views

PT-2024-96: Cross-Site Request Forgery (CSRF) and Reflected Cross-Site Scripting (XSS) in Netcat CMS (module netshop)

The vulnerability was identified in Netcat CMS module netshop, version 6.4 Extra. The vulnerability is related to cross-site request forgery. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked...

8.8CVSS7.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/07/16 12:0 a.m.12 views

PT-2024-5677 · Unknown · Netcat Cms

Name of the Vulnerable Software and Affected Versions: Netcat CMS affected versions not specified Description: The issue is related to a parameter in the market module of the Netcat CMS system, which is vulnerable to cross-site request forgery. This could allow a remote attacker to execute...

9CVSS7.4AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/16 12:0 a.m.9 views

PT-2024-5678 · Unknown · Netcat Cms

Name of the Vulnerable Software and Affected Versions: Netcat CMS affected versions not specified Description: The issue exists due to a lack of protection for the web page structure in the filemanager module of the Netcat CMS system. This allows a remote attacker to execute arbitrary JavaScript...

9CVSS7.6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/16 12:0 a.m.13 views

PT-2024-5683 · Unknown · Netcat Cms

Name of the Vulnerable Software and Affected Versions: Netcat CMS calendar module affected versions not specified Description: The issue is related to a cross-site request forgery vulnerability in the calendar module of the Netcat CMS system. This could allow a remote attacker to execute arbitrar...

9CVSS7.5AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/16 12:0 a.m.11 views

PT-2024-5690 · Unknown · Netcat Cms

Name of the Vulnerable Software and Affected Versions: Netcat CMS affected versions not specified Description: The issue is related to the implementation of the subscribes delete confirm method in the comments module of the Netcat CMS system, which fails to take measures to protect the SQL query...

9CVSS7.7AI score
Exploits0References2
Rows per page
Query Builder