87 matches found
CVE-2023-26952
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Add Menu module...
CVE-2023-26950
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Title parameter under the Adding Categories module...
CVE-2023-26950
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Title parameter under the Adding Categories module...
Cross site scripting
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Title parameter under the Adding Categories module...
CVE-2023-26956
onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the component /admin1/curd/code...
CVE-2023-26950
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Title parameter under the Adding Categories module...
OneKeyAdmin 安全漏洞
OneKeyAdmin is About plug-in management system based on Thinkphp6+Element, website, applets, malls, CMS, APP, ERP, API interface a system to get it all done, no scaffolding out of the box! OneKeyAdmin v1.3.9 version of the existence of security vulnerabilities , the vulnerability stems from the...
CVE-2023-26956
onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the component /admin1/curd/code...
PT-2023-20868 · Unknown · Onekeyadmin
Name of the Vulnerable Software and Affected Versions: onekeyadmin version 1.3.9 Description: The issue is related to a stored cross-site scripting XSS vulnerability. This vulnerability can be exploited via the Title parameter under the Adding Categories module. Recommendations: For onekeyadmin...
OneKeyAdmin 跨站脚本漏洞
OneKeyAdmin is About plug-in management system based on Thinkphp6+Element, website, applets, malls, CMS, APP, ERP, API interface a system to get it all done, no scaffolding out of the box! A security vulnerability exists in OneKeyAdmin v1.3.9, which stems from a stored cross-site scripting XSS...
OneKeyAdmin 安全漏洞
OneKeyAdmin is About plug-in management system based on Thinkphp6+Element, website, applets, malls, CMS, APP, ERP, API interface a system to get it all done, no scaffolding out of the box! OneKeyAdmin v1.3.9 version of the existence of security vulnerabilities , the vulnerability stems from the...
OneKeyAdmin 跨站脚本漏洞
OneKeyAdmin is About plug-in management system based on Thinkphp6+Element, website, applets, malls, CMS, APP, ERP, API interface a system to get it all done, no scaffolding out of the box! A security vulnerability exists in OneKeyAdmin v1.3.9, which stems from a stored cross-site scripting XSS...
CVE-2023-26950
CVE-2023-26950 affects onekeyadmin v1.3.9 with a stored XSS in the Title parameter of the Adding Categories module. The issue is documented with CVSSv3.1: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N (base score 5.4; MEDIUM). Root cause details are not expanded beyond the stored XSS description in the sou...
CVE-2023-26952
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Add Menu module...
CVE-2023-26952
CVE-2023-26952 affects OneKeyAdmin v1.3.9, with a stored cross-site scripting (XSS) vulnerability exposed through the Add Menu module. Multiple connected sources corroborate a stored XSS issue in OneKeyAdmin v1.3.9 but do not provide concrete details on root cause beyond the Add Menu vector, impa...
CVE-2023-26952
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Add Menu module...
CVE-2023-26956
Affected software: OneKeyAdmin v1.3.9. Vulnerability: arbitrary file read via the endpoint /admin1/curd/code. Impact: confidentiality impact is high per CVSS metrics, indicating potential unauthorized disclosure of sensitive data. The available connected documents confirm the product/version and ...
CVE-2023-26950
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Title parameter under the Adding Categories module...
CVE-2023-26953
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Add Administrator module...
CVE-2023-26953
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Add Administrator module...