Lucene search
+L

9 matches found

cnnvd
cnnvd
added 2025/11/24 12:0 a.m.4 views

Austrian Academy of Sciences OpenAtlas 安全漏洞

Austrian Academy of Sciences OpenAtlas is a database application dealing with archaeology and history organized by the Austrian Academy of Sciences in Austria. A security vulnerability exists in Austrian Academy of Sciences OpenAtlas versions prior to 8.12.0, which stems from a reflected cross-si...

4.6CVSS5.8AI score0.00189EPSS
Exploits0References3
cve
cve
added 2025/11/24 12:0 a.m.22 views

CVE-2025-60917

CVE-2025-60917 is a reflected XSS in Austrian Archaeological Institute Openatlas prior to v8.12.0, discovered via the /overview/network/ endpoint where an attacker injects a payload into the color parameter to run code in a user’s browser. The vulnerability arises from unvalidated/reflected input...

4.6CVSS5.9AI score0.00189EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2025/11/24 12:0 a.m.10 views

PT-2025-47933

A reflected cross-site scripting XSS vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the color parameter...

6.3AI score0.00189EPSS
Exploits0References3
cve
cve
added 2025/11/24 12:0 a.m.16 views

CVE-2025-60916

CVE-2025-60916 is a reflected XSS vulnerability in Austrian OpenAtlas. The issue affects the /overview/network/ endpoint prior to OpenAtlas v8.12.0, where an attacker can inject a crafted payload into the charge parameter to execute arbitrary JavaScript in a user’s browser. The Red Hat/EU ENISA/O...

5.4CVSS5.9AI score0.0021EPSS
Exploits0References2Affected Software1
osv
osv
added 2025/11/24 12:0 a.m.4 views

CVE-2025-60916

A reflected cross-site scripting XSS vulnerability in the /overview/network/ endpoint of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the charge parameter...

5.4CVSS6.2AI score0.0021EPSS
Exploits0References4
nvd
nvd
added 2025/08/04 5:15 p.m.7 views

CVE-2025-51534

A cross-site scripting XSS vulnerability in Austrian Archaeological Institute AI OpenAtlas v8.11.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field...

8.1CVSS0.00386EPSS
Exploits1References2
cve
cve
added 2025/08/04 12:0 a.m.28 views

CVE-2025-51536

CVE-2025-51536 affects OpenAtlas v8.11.0 from the Austrian Archaeological Institute. The root cause is a hardcoded Administrator password within the OpenAtlas system, enabling an attacker to potentially gain privileged access. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) yields a 9.8...

9.8CVSS7AI score0.00526EPSS
Exploits1References2Affected Software1
cnnvd
cnnvd
added 2025/08/04 12:0 a.m.5 views

Austrian Archaeological Institute OpenAtlas 安全漏洞

Austrian Archaeological Institute OpenAtlas is a software platform for humanities research from Austrian Archaeological Institute, Austria. A security vulnerability exists in Austrian Archaeological Institute OpenAtlas version v8.11.0 that stems from the presence of SQL injection...

9.1CVSS7.4AI score0.00435EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2025/08/04 12:0 a.m.4 views

CVE-2025-51536

Austrian Archaeological Institute AI OpenAtlas v8.11.0 as discovered to contain a hardcoded Administrator password...

7.5AI score0.00526EPSS
Exploits1References2
Rows per page
Query Builder