87 matches found
CVE-2023-26954
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the User Group module...
CVE-2023-26955
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Admin Group module...
CVE-2023-26955
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Admin Group module...
Cross site scripting
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Admin Group module...
Cross site scripting
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the User Group module...
OneKeyAdmin 跨站脚本漏洞
OneKeyAdmin is About plug-in management system based on Thinkphp6+Element, website, applet, mall, CMS, APP, ERP, API interface a system to get it all done, no scaffolding out of the box! A security vulnerability exists in OneKeyAdmin version 1.3.9, which stems from the discovery of a stored...
CVE-2023-26955
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Admin Group module...
CVE-2023-26955
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Admin Group module...
CVE-2023-26954
CVE-2023-26954 affects onekeyadmin v1.3.9, with a stored cross-site scripting (XSS) vulnerability in the User Group module . The issue is characterized as a stored XSS (root cause not further detailed in the sources) with CVSSv3.1 base metrics: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N, base score 5.4 ...
CVE-2023-26953
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Add Administrator module...
OneKeyAdmin 跨站脚本漏洞
OneKeyAdmin is About plug-in management system based on Thinkphp6+Element, website, applet, mall, CMS, APP, ERP, API interface a system to get it all done, no scaffolding out of the box! A security vulnerability exists in OneKeyAdmin version 1.3.9, which stems from the discovery of a stored...
PT-2023-20872 · Unknown · Onekeyadmin
Name of the Vulnerable Software and Affected Versions: onekeyadmin version 1.3.9 Description: The issue is related to a stored cross-site scripting XSS vulnerability. This vulnerability is present in the User Group module. Recommendations: For onekeyadmin version 1.3.9, consider disabling the Use...
CVE-2023-26954
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the User Group module...
CVE-2023-26953
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the Add Administrator module...
CVE-2023-26954
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting XSS vulnerability via the User Group module...
PT-2023-20873 · Unknown · Onekeyadmin
Name of the Vulnerable Software and Affected Versions: onekeyadmin version 1.3.9 Description: The issue is related to a stored cross-site scripting XSS vulnerability. This vulnerability is present in the Admin Group module. Recommendations: For onekeyadmin version 1.3.9, consider disabling the...
OneKeyAdmin 跨站脚本漏洞
OneKeyAdmin is About plug-in management system based on Thinkphp6+Element, website, applets, malls, CMS, APP, ERP, API interface a system to get it all done, no scaffolding out of the box! A security vulnerability exists in OneKeyAdmin version 1.3.9, which stems from the discovery of a stored...
CVE-2023-26953
OneKeyAdmin v1.3.9 contains a stored XSS vulnerability in the Add Administrator module. The CVE describes impact limited to confidentiality and integrity (both Low) with no availability impact; attack vector is NETWORK, but requires LOW attack complexity, HIGH privileges, and user interaction. A ...
CVE-2023-26955
Affected software: onekeyadmin v1.3.9. Vulnerability: stored cross-site scripting (XSS) via the Admin Group module. Root cause / nature: XSS flaw enabling injection in the Admin Group component, as reported across multiple sources. Impact (as stated): medium severity per CVSS 3.1 (Base score 5.4)...
CVE-2023-26949
An arbitrary file upload vulnerability in the component /admin1/config/update of onekeyadmin v1.3.9 allows attackers to execute arbitrary code via a crafted PHP file...