Lucene search
+L

48 matches found

Prion
Prion
added 2023/06/07 8:15 p.m.17 views

Code injection

Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific parameters...

5CVSS7.5AI score0.04042EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/07 12:0 a.m.6 views

PT-2023-6977 · WordPress · Jeecg P3 Biz Chat

Name of the Vulnerable Software and Affected Versions: Jeecg P3 Biz Chat version 1.0.5 Description: The issue is related to the disclosure of information in the error data area of the Jeecg P3 Biz Chat plugin for WordPress content management systems. Exploitation of this issue may allow a remote...

7.8CVSS7.2AI score0.04042EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2023/03/06 12:0 a.m.5 views

CVE-2021-35377

Cross Site Scripting vulnerability found in VICIdial v2.14-610c and v.2.10-415c allows attackers execute arbitrary code via the /agc/vicidial.php, agc/vicidial-greay.php, and /vicidial/KHOMPadmin.php parameters...

7.5AI score0.00397EPSS
Exploits0References1
OSV
OSV
added 2022/08/18 8:15 a.m.3 views

CVE-2022-28715

Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.2AI score0.00546EPSS
Exploits0References2
CNVD
CNVD
added 2021/12/23 12:0 a.m.23 views

mySCADA myPRO OS Command Injection Vulnerability (CNVD-2021-102828)

mySCADA myPRO is an HMI/SCADA system designed primarily for the visualization and control of industrial processes. An operating system command injection vulnerability exists in mySCADA myPRO, which can be exploited by an attacker to inject arbitrary operating system commands via specific paramete...

10CVSS9.9AI score0.01218EPSS
Exploits0References1
NVD
NVD
added 2021/08/09 10:15 a.m.19 views

CVE-2021-37213

The check-in record page of Flygo contains Insecure Direct Object Reference IDOR vulnerability. After being authenticated as a general user, remote attackers can manipulate the employee ID and date in specific parameters to access particular employee’s check-in record...

4.3CVSS0.00764EPSS
Exploits0References1
NVD
NVD
added 2018/04/24 3:29 p.m.23 views

CVE-2017-17252

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20,...

5.3CVSS6AI score0.01248EPSS
Exploits0References1
Prion
Prion
added 2018/04/24 3:29 p.m.21 views

Out-of-bounds

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20,...

5CVSS5.8AI score0.01248EPSS
Exploits0References1Affected Software45
xssed
xssed
added 2012/11/01 12:0 a.m.17 views

Unfixed XSS vulnerability at www.gentag.fr

Security researcher Atmon3r, has submitted on 11/01/2012 a cross-site-scripting XSS vulnerability affecting www.gentag.fr, which at the time of submission ranked 5662573 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/01/2012. It is currentl...

6.6AI score
Exploits0References1
Cvelist
Cvelist
added 2012/10/04 5:0 p.m.20 views

CVE-2012-5296

Multiple cross-site scripting XSS vulnerabilities in Mavili Guestbook, as released in November 2007, allow remote attackers to inject arbitrary web script or HTML via the id parameter to 1 approve.asp, 2 delete.asp, 3 edit.asp, or 4 edit2.asp...

5.8AI score0.01206EPSS
Exploits1References4
Prion
Prion
added 2012/08/13 6:55 p.m.16 views

Sql injection

Multiple SQL injection vulnerabilities in MYRE Real Estate Software 2012 Q2 allow remote attackers to execute arbitrary SQL commands via the 1 linkidd parameter to 1mobile/listings.php or 2 userid parameter to 1mobile/agentprofile.php...

7.5CVSS9.3AI score0.01122EPSS
Exploits1References4Affected Software1
xssed
xssed
added 2011/10/28 12:0 a.m.13 views

Unfixed XSS vulnerability at www.zsecure.net

Security researcher watt, has submitted on 28/10/2011 a cross-site-scripting XSS vulnerability affecting www.zsecure.net, which at the time of submission ranked 821534 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/11/2011. It is currently...

Exploits0References1
NVD
NVD
added 2011/05/20 10:55 p.m.23 views

CVE-2011-2148

Admin/frmSite.aspx in the SmarterTools SmarterStats 6.0 web server allows remote attackers to execute arbitrary commands via vectors involving a leading and trailing & ampersand character, and 1 an STTTState cookie, 2 the ctl00%24MPH%24txtAdminNewPasswordSettingText parameter, 3 the...

10CVSS7.7AI score0.05321EPSS
Exploits0References4
xssed
xssed
added 2010/05/01 12:0 a.m.18 views

Unfixed XSS vulnerability at www.dailycamera.com

Security researcher PaPPy, has submitted on 05/01/2010 a cross-site-scripting XSS vulnerability affecting www.dailycamera.com, which at the time of submission ranked 35086 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/12/2011. It is...

Exploits0References1
Prion
Prion
added 2010/04/22 2:30 p.m.15 views

Sql injection

Multiple SQL injection vulnerabilities in Family Connections aka FCMS before 1.8.2 allow remote attackers to execute arbitrary SQL commands via the 1 letter parameter to addressbook.php, 2 id parameter to recipes.php, 3 year parameter to register.php, 4 pollid parameter to home.php, and 5 email...

7.5CVSS9.3AI score0.01283EPSS
Exploits1References7Affected Software1
xssed
xssed
added 2008/11/22 12:0 a.m.18 views

Unfixed XSS vulnerability at www.espace-plus.net

Security researcher xylitol, has submitted on 22/11/2008 a cross-site-scripting XSS vulnerability affecting www.espace-plus.net, which at the time of submission ranked 55626 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 29/11/2011. It is...

Exploits0References1
xssed
xssed
added 2008/08/15 12:0 a.m.13 views

Unfixed XSS vulnerability at www.nuov.cz

Security researcher austinator, has submitted on 15/08/2008 a cross-site-scripting XSS vulnerability affecting www.nuov.cz, which at the time of submission ranked 1001208 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/08/2008. It is current...

6.6AI score
Exploits0References1
xssed
xssed
added 2008/03/23 12:0 a.m.19 views

Unfixed XSS vulnerability at abcdefghijklmnopqrstuvwxyz.com

Security researcher fallingmidget, has submitted on 23/03/2008 a cross-site-scripting XSS vulnerability affecting abcdefghijklmnopqrstuvwxyz.com, which at the time of submission ranked 1580405 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on...

Exploits0References1
xssed
xssed
added 2007/10/09 12:0 a.m.12 views

Unfixed XSS vulnerability at www.aggieathletics.com

Security researcher onlysamurai, has submitted on 10/09/2007 a cross-site-scripting XSS vulnerability affecting www.aggieathletics.com, which at the time of submission ranked 147352 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/09/2007. It...

6.6AI score
Exploits0References1
xssed
xssed
added 2007/09/29 12:0 a.m.15 views

Unfixed XSS vulnerability at kangasniemi.regweb.fi

Security researcher Uber0n, has submitted on 29/09/2007 a cross-site-scripting XSS vulnerability affecting kangasniemi.regweb.fi, which at the time of submission ranked 63656 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 03/10/2007. It is...

6.6AI score
Exploits0References1
Rows per page
Query Builder