12 matches found
CVE-2023-45471
The QAD Search Server is vulnerable to Stored Cross-Site Scripting XSS in versions up to, and including, 1.0.0.315 due to insufficient checks on indexes. This makes it possible for unauthenticated attackers to create a new index and inject a malicious web script into its name, that will execute...
EUVD-2023-49763
Malicious code in bioql PyPI...
CVE-2023-45471
The QAD Search Server is vulnerable to Stored Cross-Site Scripting XSS in versions up to, and including, 1.0.0.315 due to insufficient checks on indexes. This makes it possible for unauthenticated attackers to create a new index and inject a malicious web script into its name, that will execute...
CVE-2023-45471
The QAD Search Server is vulnerable to Stored Cross-Site Scripting XSS in versions up to, and including, 1.0.0.315 due to insufficient checks on indexes. This makes it possible for unauthenticated attackers to create a new index and inject a malicious web script into its name, that will execute...
CVE-2023-45471
The QAD Search Server is vulnerable to Stored Cross-Site Scripting XSS in versions up to, and including, 1.0.0.315 due to insufficient checks on indexes. This makes it possible for unauthenticated attackers to create a new index and inject a malicious web script into its name, that will execute...
Cross site scripting
The QAD Search Server is vulnerable to Stored Cross-Site Scripting XSS in versions up to, and including, 1.0.0.315 due to insufficient checks on indexes. This makes it possible for unauthenticated attackers to create a new index and inject a malicious web script into its name, that will execute...
QAD Search Server Cross-Site Scripting Vulnerability
QAD Search Server is a search server application from QAD Corporation. A security vulnerability exists in QAD Search Server version 1.0.0.315 and earlier, which stems from vulnerability to a stored cross-site scripting XSS attack that allows an unauthenticated attacker to create new indexes and...
CVE-2023-45471
The CVE-2023-45471 entry describes a Stored XSS flaw in QAD Search Server up to version 1.0.0.315 caused by insufficient index validation, allowing unauthenticated attackers to create an index and inject script that runs when users load the search page. Multiple connected documents corroborate th...
CVE-2023-45471
The QAD Search Server is vulnerable to Stored Cross-Site Scripting XSS in versions up to, and including, 1.0.0.315 due to insufficient checks on indexes. This makes it possible for unauthenticated attackers to create a new index and inject a malicious web script into its name, that will execute...
CVE-2023-45471
The QAD Search Server is vulnerable to Stored Cross-Site Scripting XSS in versions up to, and including, 1.0.0.315 due to insufficient checks on indexes. This makes it possible for unauthenticated attackers to create a new index and inject a malicious web script into its name, that will execute...
PT-2023-29561 · Qad · Qad Search Server
Name of the Vulnerable Software and Affected Versions: QAD Search Server versions up to, and including, 1.0.0.315 Description: The QAD Search Server is vulnerable to Stored Cross-Site Scripting XSS due to insufficient checks on indexes. This allows unauthenticated attackers to create a new index...
Exploit for Cross-site Scripting in Qad Search_Server
CVE ID: CVE-2023-45471 Vulnerability Type: Cross-Site S...