Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-8107

Malware in sbrugna...

4.3CVSS6.4AI score0.01692EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-8108

Malware in sbrugna...

4.3CVSS6.4AI score0.01119EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-8109

Malware in sbrugna...

6.4CVSS6.4AI score0.01347EPSS
Exploits0References2
NVD
NVD
added 2015/02/01 2:59 a.m.19 views

CVE-2014-8268

QPR Portal before 2012.2.1 allows remote attackers to modify or delete notes via a direct request...

6.4CVSS6.6AI score0.01347EPSS
Exploits0References1
NVD
NVD
added 2015/02/01 2:59 a.m.15 views

CVE-2014-8267

Cross-site scripting XSS vulnerability in QPR Portal 2014.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the RID parameter...

4.3CVSS5.7AI score0.01119EPSS
Exploits0References1
NVD
NVD
added 2015/02/01 2:59 a.m.20 views

CVE-2014-8266

Multiple cross-site scripting XSS vulnerabilities in the note-creation page in QPR Portal 2014.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 title or 2 body field...

4.3CVSS5.8AI score0.01692EPSS
Exploits0References1
Prion
Prion
added 2015/02/01 2:59 a.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in QPR Portal 2014.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the RID parameter...

4.3CVSS6.1AI score0.01119EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2015/02/01 2:59 a.m.19 views

Server side request forgery (ssrf)

QPR Portal before 2012.2.1 allows remote attackers to modify or delete notes via a direct request...

6.4CVSS7.1AI score0.01347EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2015/02/01 2:0 a.m.28 views

CVE-2014-8266

Multiple cross-site scripting XSS vulnerabilities in the note-creation page in QPR Portal 2014.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 title or 2 body field...

5.8AI score0.01692EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/02/01 2:0 a.m.23 views

CVE-2014-8267

Cross-site scripting XSS vulnerability in QPR Portal 2014.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the RID parameter...

5.7AI score0.01119EPSS
Exploits0References1
CVE
CVE
added 2015/02/01 2:0 a.m.57 views

CVE-2014-8266

CVE-2014-8266 is an XSS vulnerability in QPR Portal 2014.1.1 and earlier, affecting the note-creation page: attacker-supplied input in the title or body can inject script/HTML. The NVD entry describes multiple XSS vectors with a base CVSS v2 score of 4.3 (MEDIUM) and no data for exploitation stat...

4.3CVSS5.9AI score0.01692EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2015/02/01 2:0 a.m.44 views

CVE-2014-8268

QPR Portal CVE-2014-8268 is an authorization-bypass flaw in which an unauthenticated attacker could modify or delete notes by directly referencing identifiers in versions 2012.0-era and older (not affected in 2012.2.1+). The issue is documented as an authorization bypass via a user-controlled key...

6.4CVSS6.8AI score0.01347EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2015/02/01 2:0 a.m.50 views

CVE-2014-8267

CVE-2014-8267 is a reflected XSS vulnerability affecting QPR Portal 2014.1.1 and earlier, exploitable via the RID parameter. The issue, confirmed across multiple sources (NVD entry and CERT advisory), allows remote attackers to inject arbitrary script/HTML in the victim’s browser. The risk is des...

4.3CVSS5.9AI score0.01119EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2015/02/01 2:0 a.m.29 views

CVE-2014-8268

QPR Portal before 2012.2.1 allows remote attackers to modify or delete notes via a direct request...

6.6AI score0.01347EPSS
Exploits0References1
CNVD
CNVD
added 2015/01/27 12:0 a.m.5 views

QPR Portal HTML Injection Vulnerability

QPR Software Suite is a suite of business management and performance management products from the Finnish company QPR Software.QPR Portal is one of the portal products that provides features such as full-screen mode to introduce integrated navigation options, copy schematic location links and ope...

4.3CVSS7.6AI score0.01692EPSS
Exploits0References1
CNVD
CNVD
added 2015/01/27 12:0 a.m.6 views

QPR Portal Authentication Bypass Vulnerability

QPR Software Suite is a suite of business management and performance management products from the Finnish company QPR Software.QPR Portal is one of the portal products that provides features such as full-screen mode to introduce integrated navigation options, copy schematic location links and ope...

6.4CVSS6.8AI score0.01347EPSS
Exploits0References1
CERT
CERT
added 2015/01/23 12:0 a.m.29 views

QPR Portal contains multiple vulnerabilities

Overview QPR Portal versions 2014.1.1 and older contain reflected and stored cross-site scripting vulnerabilities, and versions 2012.2.0 and older contain an insecure direct object reference vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site...

6.4CVSS6AI score0.01692EPSS
Exploits0References6
Rows per page
Query Builder