Lucene search
K

29 matches found

CNNVD
CNNVD
added 2021/06/28 12:0 a.m.4 views

Enhancesoft osTicket 跨站脚本漏洞

osTicket is a widely used and trusted open source work order support ticket system. A cross-site scripting vulnerability exists in osTicket versions prior to 1.12.6. An attacker can exploit this vulnerability via the queue-name parameter in include/class.queue.php...

6.1CVSS5.3AI score0.00686EPSS
Exploits0References1
Veracode
Veracode
added 2021/04/07 1:33 a.m.16 views

Cross-site-scripting (XSS)

sidekiq is vulnerable to cross-site-scripting. An attacker is able to inject and execute malicious code via the queue name of the live-poll feature when Internet Explorer is used...

6.1CVSS3.8AI score0.04158EPSS
Exploits1References3Affected Software3
Snyk
Snyk
added 2021/04/06 6:53 a.m.3 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the queue name of the live-poll feature when Internet Explorer is used. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a malicious script into an otherwise...

6.1CVSS5.3AI score0.04158EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2021/04/06 12:0 a.m.6 views

PT-2021-18635

Name of the Vulnerable Software and Affected Versions Sidekiq versions 5.1.3 and earlier Sidekiq versions 6.x through 6.2.0 Description The issue allows for XSS via the queue name of the live-poll feature, specifically when Internet Explorer is used. Recommendations For Sidekiq versions 5.1.3 and...

7.5CVSS6.7AI score0.05258EPSS
Exploits2References505
CNNVD
CNNVD
added 2021/04/06 12:0 a.m.16 views

Mike Perham sidekiq 跨站脚本漏洞

Mike Perham sidekiq is a Mike Perham open source application. Use threads to process many jobs simultaneously in the same process A cross-site scripting vulnerability exists in Mike Perham Sidekiq version 5.1.3 and earlier and 6.x series version 6.2.0 and earlier, which can be exploited by an...

6.1CVSS5.2AI score0.04158EPSS
Exploits1References8
OSV
OSV
added 2019/11/13 7:15 p.m.6 views

CVE-2019-16950

An XSS issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34. The QueueName parameter of a GET request allows for insertion of user-supplied JavaScript...

6.1CVSS6.4AI score0.00686EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2010/04/14 12:0 a.m.33 views

RPM Select/Elite 5.0 - '.xml Configuration parsing' Unicode Buffer Overflow (PoC)

!/usr/bin/python RPM Select/Elite v5.0 .xml config parsing unicode buffer overflow PoC Found by: mrme - http://net-ninja.net/ Homepage: http://lpd.brooksnet.com/ Download: http://www.brooksnet.com/download-rpmselect Tested on: Windows XP SP3 Advisory:...

7.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2008/10/14 12:0 a.m.26 views

Microsoft Windows Message Queuing Service Queue Name Handling (MS08-065) - ver 2 (CVE-2008-3479)

Microsoft Message Queuing MSMQ is a component of Microsoft Windows designed to act as a message portal between a set of applications requiring message exchange functionality. MSMQ enables applications that are running at different times to communicate across heterogeneous networks and across...

10CVSS6.9AI score0.44474EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2005/07/14 5:48 p.m.33 views

Moderate: Red Hat Security Advisory: cups security update

Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIX Printing System CUPS provides a portable printing layer for UNIXR operating system...

9.8CVSS5.7AI score0.02435EPSS
Exploits1References2
Rows per page
Query Builder