Lucene search
K

15 matches found

Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.4 views

PT-2026-5799

Zendesk SweetHawk Survey 1.6 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through support ticket submissions. Attackers can insert XSS payloads like script tags into ticket text that automatically execute when survey pages are loaded b...

6.4CVSS5.1AI score0.00239EPSS
Exploits0References5
CVE
CVE
added 2025/11/12 8:2 p.m.12 views

CVE-2025-13060

CVE-2025-13060 affects SourceCodester Survey Application System 1.0. The issue is a SQL injection in the function handling the parameter ID in the file /view_survey.php. It can be exploited remotely, and multiple sources note that the exploit has been publicly disclosed. The vulnerability’s sever...

9.8CVSS7.2AI score0.00431EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 9:7 a.m.4 views

CVE-2024-56377

A stored cross-site scripting XSS vulnerability in survey titles of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the Survey Title field or Survey Instructions. When a user receives a survey and clicks anywhere on the survey page to enter data, the crafted payload whic...

5.4CVSS5.7AI score0.00386EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2024/10/21 12:0 a.m.7 views

The vulnerability of TP-Link WR941ND router’s microprogramming software, related to the execution of operations outside the buffer in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of TP-Link WR941ND router’s microprogramming software lies in the fact that the operation exceeds the buffer limits in memory when processing the page /userRpm/popupSiteSurveyRpm.htm with the parameter ssid. Exploiting this vulnerability allows a remote attacker to compromise th...

8CVSS5.8AI score0.02295EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/09/30 12:0 a.m.3 views

TP-LINK TL-WR941ND 安全漏洞

TP-LINK TL-WR941ND is a wireless router from China Pop-Up Union TP-LINK. A security vulnerability exists in TP-LINK TL-WR941ND version V6, which originates from a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm...

8CVSS7AI score0.02295EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/27 12:0 a.m.5 views

NETGEAR WN604 安全漏洞

The NETGEAR WN604 is a small wireless router from NETGEAR. An information disclosure vulnerability exists in the NETGEAR WN604. An attacker can use this vulnerability to access the siteSurvey.php page to obtain sensitive information such as the SSID, security type, encryption method, and channel ...

6.9CVSS6.1AI score0.00493EPSS
Exploits0References5
CNVD
CNVD
added 2021/01/04 12:0 a.m.2 views

LimeSurvey cross-site scripting vulnerability (CNVD-2021-00893)

limesurvey is an open source online questionnaire program with many functions such as questionnaire design, modification, release, recovery and statistics. A cross-site scripting vulnerability exists in the "Quota" component of the "Survey" page in LimeSurvey 3.21.1. An attacker can exploit this...

5.4CVSS6.4AI score0.00697EPSS
Exploits1References1
NVD
NVD
added 2020/12/31 6:15 p.m.21 views

CVE-2020-25799

LimeSurvey 3.21.1 is affected by cross-site scripting XSS in the Quota component of the Survey page. When the survey quota being viewed, e.g. by an administrative user, the JavaScript code will be executed in the browser...

5.4CVSS5.3AI score0.00697EPSS
Exploits1References2
CNNVD
CNNVD
added 2020/12/31 12:0 a.m.8 views

LimeSurvey 跨站脚本漏洞

limesurvey is an open source online questionnaire program with many functions such as questionnaire design, modification, release, recovery and statistics. A cross-site scripting vulnerability exists in the "Quota" component of the "Survey" page in LimeSurvey 3.21.1. An attacker can exploit this...

5.4CVSS5.7AI score0.00697EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2020/12/31 12:0 a.m.6 views

PT-2020-16219 · Limesurvey · Limesurvey

Name of the Vulnerable Software and Affected Versions: LimeSurvey version 3.21.1 Description: The issue affects the Quota component of the Survey page, where cross-site scripting XSS can occur. When an administrative user views the survey quota, JavaScript code will be executed in the browser...

5.4CVSS5.2AI score0.00697EPSS
Exploits1References5
Openbugbounty
Openbugbounty
added 2018/07/04 10:59 a.m.13 views

butterflyhouse.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-640255 Description| Value ---|--- Affected Website:| butterflyhouse.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Positive Technologies
Positive Technologies
added 2017/09/07 12:0 a.m.5 views

PT-2017-13302 · Intelbras · Intelbras Wireless N 150Mbps Router

Name of the Vulnerable Software and Affected Versions: Intelbras Wireless N 150Mbps router with firmware WRN 240 Description: The issue allows attackers to steal wireless credentials without being connected to the network. This is related to userRpm/popupSiteSurveyRpm.htm and...

6.1CVSS6AI score0.01438EPSS
Exploits5References3
Packet Storm
Packet Storm
added 2017/05/27 12:0 a.m.48 views

Aries QWR-1104 Wireless-N Cross Site Scripting

Exploit Title: Aries QWR-1104 Wireless-N Router Execute JavaScript in Wireless Site Survey page. Date: 26-05-2017 Vendor Homepage : http://www.ariesnetworks.net/ Firmware Version: WRC.253.2.0913 Exploit Author: Touhid M.Shaikh Contact: http://twitter.com/touhidshaikh22 Website:...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2017/05/26 12:0 a.m.19 views

QWR-1104 Wireless-N Router - Cross-Site Scripting

QWR-1104 Wireless-N Router - Cross-Site Scripting Exploit Title: Aries QWR-1104 Wireless-N Router Execute JavaScript in Wireless Site Survey page. Date: 26-05-2017 Vendor Homepage : http://www.ariesnetworks.net/ Firmware Version: WRC.253.2.0913 Exploit Author: Touhid M.Shaikh Contact:...

0.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/03/31 10:48 a.m.7 views

darkreading.com XSS vulnerability

Vulnerable URL: http://www.darkreading.com/surveyjspage.asp?surveyid=1"--!"=1contentid=1 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 50485 VIP website status:| No Coordinated...

6.3AI score
Exploits0
Rows per page
Query Builder