Lucene search
K

218 matches found

OSV
OSV
added 2025/09/08 7:15 a.m.3 views

CVE-2025-10088

A vulnerability was detected in SourceCodester Time Tracker 1.0. The affected element is an unknown function of the file /index.html. Performing manipulation of the argument project-name results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be us...

5.4CVSS4.4AI score0.00257EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/08 7:2 a.m.10 views

CVE-2025-10088 SourceCodester Time Tracker index.html cross site scripting

A vulnerability was detected in SourceCodester Time Tracker 1.0. The affected element is an unknown function of the file /index.html. Performing manipulation of the argument project-name results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be us...

5.1CVSS0.00257EPSS
Exploits1References5
CVE
CVE
added 2025/09/08 7:2 a.m.20 views

CVE-2025-10088

CVE-2025-10088 affects SourceCodester Time Tracker 1.0. An unknown function in /index.html is vulnerable when manipulating the project-name parameter, enabling cross-site scripting that could be triggered remotely. Exploit is publicly available (PoC). A practical interim mitigation from PT-2025-3...

5.4CVSS5.5AI score0.00257EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/08 7:2 a.m.3 views

CVE-2025-10088 SourceCodester Time Tracker index.html cross site scripting

A vulnerability was detected in SourceCodester Time Tracker 1.0. The affected element is an unknown function of the file /index.html. Performing manipulation of the argument project-name results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be us...

5.1CVSS3.8AI score0.00257EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/09/08 12:0 a.m.4 views

PT-2025-36446

Name of the Vulnerable Software and Affected Versions: SourceCodester Time Tracker version 1.0 Description: A cross-site scripting XSS vulnerability exists due to manipulation of the project-name argument. The vulnerability affects an unknown function within the /index.html file. The exploit is...

5.4CVSS4AI score0.00257EPSS
Exploits1References13
Vulnrichment
Vulnrichment
added 2025/08/27 4:48 p.m.5 views

CVE-2025-34157 Coolify Stored Cross-Site Scripting (XSS) in Project Name Field

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting XSS attack in the project creation workflow. An authenticated user with low privileges can create a project with a maliciously crafted name containing embedded JavaScript. When an administrator attempts to...

9.4CVSS5.3AI score0.00448EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/27 4:48 p.m.13 views

CVE-2025-34157 Coolify Stored Cross-Site Scripting (XSS) in Project Name Field

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting XSS attack in the project creation workflow. An authenticated user with low privileges can create a project with a maliciously crafted name containing embedded JavaScript. When an administrator attempts to...

9.4CVSS0.00448EPSS
Exploits0References3
CVE
CVE
added 2025/08/27 4:48 p.m.23 views

CVE-2025-34157

CVE-2025-34157 concerns Coolify. A stored XSS in the project-creation workflow affects versions prior to 4.0.0-beta.420.6. An authenticated user with low privileges can craft a project name containing JavaScript, which when an administrator deletes the project executes in the admin context, enabl...

9.4CVSS5.3AI score0.00448EPSS
Exploits0References3Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in umbra-tide-ehe932-project (npm)

The package umbra-tide-ehe932-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in xylophone-brook-uti375-project (npm)

The package xylophone-brook-uti375-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in project-eh7vv-yankee (npm)

The package project-eh7vv-yankee was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in dewdrop-kite-tea960-project (npm)

The package dewdrop-kite-tea960-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in icicle-jade-ysp547-project (npm)

The package icicle-jade-ysp547-project was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in project-yl4sx-lemon (npm)

The package project-yl4sx-lemon was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-30084 Malicious code in project-d56rk-zucchini (npm)

The package project-d56rk-zucchini was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-29835 Malicious code in project-4h5ip-ugli (npm)

The package project-4h5ip-ugli was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-27960 Malicious code in nymph-nectar-pel131-project (npm)

The package nymph-nectar-pel131-project was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.0 views

MAL-2025-30371 Malicious code in project-mwi5v-mike (npm)

The package project-mwi5v-mike was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in project-fbywc-mango (npm)

The package project-fbywc-mango was found to contain malicious code...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 9:41 a.m.10 views

CVE-2024-25218

A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Project Name parameter /TaskManager/Projects.php...

6.1CVSS5.9AI score0.00411EPSS
Exploits1References1
Rows per page
Query Builder