39 matches found
EUVD-2018-10476
Malware in sbrugna...
EUVD-2024-46631
Malicious code in bioql PyPI...
EUVD-2024-46629
Malicious code in bioql PyPI...
EUVD-2024-46630
Malicious code in bioql PyPI...
CVE-2024-5409
RhinOS 3.0-1190 is vulnerable to an XSS via the "tamper" parameter in /admin/lib/phpthumb/phpthumb.php. An attacker could create a malicious URL and send it to a victim to obtain their session details...
CVE-2024-5409
RhinOS 3.0-1190 is vulnerable to an XSS via the "tamper" parameter in /admin/lib/phpthumb/phpthumb.php. An attacker could create a malicious URL and send it to a victim to obtain their session details...
CVE-2024-5408
Vulnerability in RhinOS 3.0-1190 consisting of an XSS through the "search" parameter of /portal/search.htm. This vulnerability could allow a remote attacker to steal details of a victim's user session by submitting a specially crafted URL...
CVE-2024-5407
A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote attacker to perform a reverse shell on the remote system, compromising the entire infrastructure...
CVE-2024-5408
Vulnerability in RhinOS 3.0-1190 consisting of an XSS through the "search" parameter of /portal/search.htm. This vulnerability could allow a remote attacker to steal details of a victim's user session by submitting a specially crafted URL...
CVE-2024-5407
A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote attacker to perform a reverse shell on the remote system, compromising the entire infrastructure...
CVE-2024-5409 Cross-site Scripting vulnerability in RhinOS from SaltOS
RhinOS 3.0-1190 is vulnerable to an XSS via the "tamper" parameter in /admin/lib/phpthumb/phpthumb.php. An attacker could create a malicious URL and send it to a victim to obtain their session details...
CVE-2024-5409
RhinOS 3.0-1190 is vulnerable to XSS via the tamper parameter in /admin/lib/phpthumb/phpthumb.php. An attacker can craft a malicious URL to steal session details when a victim accesses it. Connected sources confirm the affected component and path; exploitation details beyond this are not provided...
CVE-2024-5409 Cross-site Scripting vulnerability in RhinOS from SaltOS
RhinOS 3.0-1190 is vulnerable to an XSS via the "tamper" parameter in /admin/lib/phpthumb/phpthumb.php. An attacker could create a malicious URL and send it to a victim to obtain their session details...
CVE-2024-5408 Cross-site Scripting vulnerability in RhinOS from SaltOS
Vulnerability in RhinOS 3.0-1190 consisting of an XSS through the "search" parameter of /portal/search.htm. This vulnerability could allow a remote attacker to steal details of a victim's user session by submitting a specially crafted URL...
CVE-2024-5408
CVE-2024-5408: A cross-site scripting vulnerability affects RhinOS 3.0-1190, exploitable via the search parameter of /portal/search.htm. A remote attacker could potentially steal a victim’s session details by crafting a URL. The available documents confirm the affected component and endpoint, and...
CVE-2024-5408 Cross-site Scripting vulnerability in RhinOS from SaltOS
Vulnerability in RhinOS 3.0-1190 consisting of an XSS through the "search" parameter of /portal/search.htm. This vulnerability could allow a remote attacker to steal details of a victim's user session by submitting a specially crafted URL...
CVE-2024-5407
CVE-2024-5407 affects RhinOS 3.0-1190. A PHP code injection via the search parameter in /portal/search.htm is described, enabling a remote attacker to run a reverse shell and thereby compromise the entire infrastructure. Concrete details from connected sources specify the vulnerable component (Rh...
CVE-2024-5407 Code Injection vulnerability in RhinOS from SaltOS
A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote attacker to perform a reverse shell on the remote system, compromising the entire infrastructure...
RhinOS Security Vulnerability
RhinOS is a web development framework. A security vulnerability exists in RhinOS version 3.0-1190, which is susceptible to a cross-site scripting (XSS) attack via the search parameter in /portal/search.htm, allowing an attacker to steal details of a victim's user session by submitting a...
PT-2024-36022 · Rhinos · Rhinos
Name of the Vulnerable Software and Affected Versions: RhinOS versions 3.0-1190 Description: The issue allows a remote attacker to steal user session details by submitting a specially crafted URL, exploiting an XSS vulnerability through the search parameter of the "/portal/search.htm" API endpoin...