2300 matches found

NVD
added 2024/02/02 7:15 p.m. | 20 views

CVE-2023-37527

A reflected cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious JavaScript code in the application session or in database, via remote injection, while rendering content in a web page...

CVSS 6.1 | AI score 6 | EPSS 0.00356
Exploits: 0 | References: 1

OSV
added 2024/02/02 7:15 p.m. | 4 views

CVE-2023-37527

A reflected cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious JavaScript code in the application session or in database, via remote injection, while rendering content in a web page...

CVSS 6.1 | AI score 5.9 | EPSS 0.00356
Exploits: 0 | References: 1

Prion
added 2024/02/02 7:15 p.m. | 16 views

Cross site scripting

A reflected cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious JavaScript code in the application session or in database, via remote injection, while rendering content in a web page...

CVSS 5.8 | AI score 6.2 | EPSS 0.00356
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2024/02/02 6:10 p.m. | 48 views

CVE-2023-37527

CVE-2023-37527 describes a reflected cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform. The issue can allow an attacker to execute malicious JavaScript in the application session or database via remote injection while rendering content on a web page. Th...

CVSS 6.1 | AI score 6 | EPSS 0.00356
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2024/02/02 6:10 p.m. | 32 views

CVE-2023-37527 A cross-site scripting (XSS) vulnerability affects HCL BigFix Platform

A reflected cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious JavaScript code in the application session or in database, via remote injection, while rendering content in a web page...

CVSS 5.4 | AI score 6.7 | EPSS 0.00356
Exploits: 0 | References: 1

SUSE CVE
added 2024/01/30 3:1 a.m. | 2 views

SUSE CVE-2021-33829

A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --! is mishandled...

CVSS 6.1 | AI score 6.9 | EPSS 0.03189
Exploits: 0 | References: 3

OSV
added 2024/01/19 7:15 p.m. | 4 views

CVE-2024-0730

A vulnerability, which was classified as critical, was found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file courseajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVSS 9.8 | AI score 6.5 | EPSS 0.00591
Exploits: 1 | References: 3

OSV
added 2024/01/12 4:15 p.m. | 5 views

CVE-2024-0460

A vulnerability was found in code-projects Faculty Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/pages/student-print.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...

CVSS 9.8 | AI score 5.7 | EPSS 0.005
Exploits: 0 | References: 3

CNNVD
added 2024/01/12 12:0 a.m. | 5 views

Judging Management System security breach

Judging Management System is a judging management system by Carlo Montero Personal Developer. A security vulnerability exists in Sourcecodester Judging Management System v1.0, which stems from an SQL injection vulnerability that allows remote attackers to execute arbitrary code and obtain sensiti...

CVSS 9.8 | AI score 8.5 | EPSS 0.01024
Exploits: 1 | References: 2

OSV
added 2024/01/07 3:15 p.m. | 2 views

CVE-2024-0280

A vulnerability has been found in Kashipara Food Management System up to 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file itemtypesubmit.php. The manipulation of the argument typename leads to sql injection. The attack can be launched remotely...

CVSS 6.5 | AI score 5.7 | EPSS 0.00565
Exploits: 1 | References: 3

OSV
added 2023/12/30 9:15 a.m. | 3 views

CVE-2023-7172

A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the component Admin Dashboard. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been...

CVSS 7.2 | AI score 5.5 | EPSS 0.01456
Exploits: 3 | References: 4

Positive Technologies
added 2023/12/28 12:0 a.m. | 5 views

PT-2023-32909 · Unknown · Shifuml Shifu

Name of the Vulnerable Software and Affected Versions: ShifuML shifu version 0.12.0
Description: A critical vulnerability has been found in the Java Expression Language Handler component, specifically in the file src/main/java/ml/shifu/shifu/core/DataPurifier.java. The manipulation of the...

CVSS 8.1 | AI score 5.8 | EPSS 0.007
Exploits: 1 | References: 11

Positive Technologies
added 2023/12/21 12:0 a.m. | 6 views

PT-2023-32847 · Byzoro +1 · Byzoro S210 +1

Name of the Vulnerable Software and Affected Versions: Byzoro S210 up to 20231210; Beijing Baichuo S210 up to 20231210
Description: A critical issue has been discovered, affecting an unknown function of the file /importexport.php. The manipulation of the sql argument leads to injection. This issue...

CVSS 9.8 | AI score 7.8 | EPSS 0.14225
Exploits: 1 | References: 6

OSV
added 2023/12/13 7:15 p.m. | 4 views

CVE-2023-6772

A vulnerability, which was classified as critical, was found in OTCMS 7.01. Affected is an unknown function of the file /admin/indbackstage.php. The manipulation of the argument sqlContent leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVSS 7.2 | AI score 5.6 | EPSS 0.00584
Exploits: 1 | References: 3

Cvelist
added 2023/12/07 12:0 a.m. | 16 views

CVE-2023-48206

A Cross Site Scripting (XSS) vulnerability in GaatiTrack Courier Management System 1.0 allows a remote attacker to inject JavaScript via the page parameter to login.php or header.php...

AI score 6.1 | EPSS 0.00615
Exploits: 3 | References: 1

OSV
added 2023/11/30 3:15 p.m. | 4 views

CVE-2023-6402

A vulnerability, which was classified as critical, was found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file add-phlebotomist.php. The manipulation of the argument empid leads to sql injection. It is possible to initiate the attack remotely. The...

CVSS 8.8 | AI score 5.7 | EPSS 0.00778
Exploits: 1 | References: 3

ATTACKERKB
added 2023/11/01 12:15 a.m. | 5 views

CVE-2023-47094

A Stored Cross-Site Scripting (XSS) vulnerability in the Account Plans tab of System Settings in Virtualmin 7.7 allows remote attackers to inject arbitrary web script or HTML via the Plan name field while editing Account plan details...

CVSS 5.4 | AI score 5.9 | EPSS 0.00441
Exploits: 1 | References: 2

OSV
added 2023/10/27 10:15 p.m. | 0 views

DEBIAN-CVE-2023-46490

SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the formactions function in the managers.php function...

CVSS 6.5 | AI score 6.8 | EPSS 0.01412
Exploits: 1 | References: 1

ATTACKERKB
added 2023/10/16 12:15 a.m. | 4 views

CVE-2022-48612

A Universal Cross Site Scripting (UXSS) vulnerability in ClassLink OneClick Extension through 10.7 allows remote attackers to inject JavaScript into any webpage, because a regular expression validating whether a URL is controlled by ClassLink is not present in all applicable places...

CVSS 6.1 | AI score 6.1 | EPSS 0.00434
Exploits: 1 | References: 2

Positive Technologies
added 2023/10/10 12:0 a.m. | 3 views

PT-2023-32133 · Byzoro · Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform

Name of the Vulnerable Software and Affected Versions: Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform versions up to 20230928
Description: A critical issue affects some unknown functionality of the file /log/download.php, where the manipulation of the file argument...

CVSS 8.8 | AI score 7 | EPSS 0.14839
Exploits: 1 | References: 6