Lucene search
K

118 matches found

CVE
CVE
added 2022/01/21 6:55 p.m.50 views

CVE-2021-33966

Spotweb 1.4.9 contains a Cross-Site Scripting (XSS) vulnerability that allows authenticated attackers to execute arbitrary code via a crafted GET request to the login page. The issue is documented across multiple feeds (NVD entry CVE-2021-33966 and related sources) with a confirmed XSS vector on ...

5.4CVSS5.4AI score0.0088EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2022/01/21 6:55 p.m.20 views

CVE-2021-33966

Removed by vendor...

5.4CVSS5.5AI score0.0088EPSS
Exploits1
CNNVD
CNNVD
added 2022/01/21 12:0 a.m.4 views

Spotweb 跨站脚本漏洞

Spotweb is a Php-based Soptnet client from the Spotweb team that follows the Spotnet protocol. JavaScript code...

5.4CVSS5.5AI score0.0088EPSS
Exploits1References2
CNVD
CNVD
added 2021/10/08 12:0 a.m.14 views

Spotweb Cross-Site Scripting Vulnerability (CNVD-2021-83614)

Spotweb is a Php-based Soptnet client that follows the Spotnet protocol from the Spotweb team. 1.5.1 and previous versions of Spotweb have a cross-site scripting vulnerability that can be exploited by attackers to execute JavaScript code on the client side...

4.3CVSS4.3AI score0.02204EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2021/10/08 12:0 a.m.18 views

Spotweb Cross-Site Scripting Vulnerability (CNVD-2021-83616)

Spotweb is a Php-based Soptnet client that follows the Spotnet protocol from the Spotweb team. 1.5.1 and previous versions of Spotweb have a cross-site scripting vulnerability that can be exploited by attackers to execute JavaScript code on the client side...

4.3CVSS4.3AI score0.02204EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2021/10/08 12:0 a.m.16 views

Spotweb Cross-Site Scripting Vulnerability

Spotweb is a Php-based Soptnet client that follows the Spotnet protocol from the Spotweb team.A cross-site scripting vulnerability exists in Spotweb 1.5.1 and below, which can be exploited by remote attackers to inject arbitrary Web scripts or HTML via the newpassword2 parameter...

4.3CVSS4AI score0.02204EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2021/10/08 12:0 a.m.17 views

Spotweb Cross-Site Scripting Vulnerability (CNVD-2021-83615)

Spotweb is a Php-based Soptnet client that follows the Spotnet protocol from the Spotweb team. 1.5.1 and previous versions of Spotweb have a cross-site scripting vulnerability that can be exploited by attackers to execute JavaScript code on the client side...

4.3CVSS4.3AI score0.02204EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2021/10/08 12:0 a.m.13 views

Spotweb Cross-Site Scripting Vulnerability (CNVD-2021-83613)

Spotweb is a Php-based Soptnet client that follows the Spotnet protocol from the Spotweb team. 1.5.1 and previous versions of Spotweb have a cross-site scripting vulnerability that can be exploited by attackers to execute JavaScript code on the client side...

4.3CVSS4.3AI score0.02214EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2021/10/08 12:0 a.m.12 views

Spotweb Cross-Site Scripting Vulnerability (CNVD-2021-83612)

Spotweb is a Php-based Soptnet client that follows the Spotnet protocol from the Spotweb team. 1.5.1 and previous versions of Spotweb have a cross-site scripting vulnerability that can be exploited by attackers to execute JavaScript code on the client side...

4.3CVSS4.3AI score0.02214EPSS
Exploits1Affected Software1
NVD
NVD
added 2021/10/01 4:15 p.m.15 views

CVE-2021-40971

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the newpassword1 parameter...

6.1CVSS0.02204EPSS
Exploits1References2
OSV
OSV
added 2021/10/01 4:15 p.m.13 views

CVE-2021-40971

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the newpassword1 parameter...

6.1CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2021/10/01 4:15 p.m.17 views

CVE-2021-40972

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the mail parameter...

6.1CVSS0.02214EPSS
Exploits1References2
NVD
NVD
added 2021/10/01 4:15 p.m.16 views

CVE-2021-40968

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the newpassword2 parameter...

6.1CVSS0.02204EPSS
Exploits1References2
OSV
OSV
added 2021/10/01 4:15 p.m.9 views

CVE-2021-40968

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the newpassword2 parameter...

6.1CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2021/10/01 4:15 p.m.22 views

CVE-2021-40969

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the firstname parameter...

6.1CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2021/10/01 4:15 p.m.11 views

CVE-2021-40970

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the username parameter...

6.1CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2021/10/01 4:15 p.m.14 views

CVE-2021-40973

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the lastname parameter...

6.1CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2021/10/01 4:15 p.m.14 views

CVE-2021-40972

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the mail parameter...

6.1CVSS5.8AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2021/10/01 4:15 p.m.31 views

CVE-2021-40968

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the newpassword2 parameter...

6.1CVSS6.4AI score0.02204EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2021/10/01 4:15 p.m.3 views

CVE-2021-40969

Cross-site scripting XSS vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the firstname parameter...

6.1CVSS6.6AI score0.02204EPSS
Exploits1References4
Rows per page
Query Builder