11 matches found
EUVD-2018-8167
Malware in sbrugna...
PT-2024-21643 · Unknown · Hoppscotch
Name of the Vulnerable Software and Affected Versions: Hoppscotch versions prior to 2023.12.6 Description: Hoppscotch is an API development ecosystem. Due to the lack of validation for fields like Label Edit Team - TeamName, bad actors can send emails with spoofed content as Hoppscotch. Part of t...
CVE-2023-36941
A cross-site scripting XSS vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and member fields...
PT-2023-25747 · Unknown · Phpgurukul Online Fire Reporting System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Fire Reporting System Using PHP and MySQL version 1.2 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and...
Online Fire Reporting System 跨站脚本漏洞
Online Fire Reporting System is an online fire reporting system by Carlo Montero, an individual developer. A security vulnerability exists in Online Fire Reporting System version 1.2, which is caused by a cross-site scripting XSS vulnerability in several fields, including team name. The...
Portainer Cross-Site Scripting Vulnerability
Portainer is a lightweight user management interface for managing Docker environments and Docker hosts. A cross-site scripting vulnerability exists in Portainer 1.19.1 and earlier versions, which can be exploited by remote attackers to inject arbitrary JavaScript code and or HTML with the help of...
Cross-site Scripting (XSS)
github.com/portainer/portainer is vulnerable to cross-site scripting XSS attacks. The library does not use HTTP Secure Headers, allowing a malicious user to inject and execute arbitrary Javascript through the Team Name field...
CVE-2018-16316
A stored Cross-site scripting XSS vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field...
Cross site scripting
A stored Cross-site scripting XSS vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field...
CVE-2018-16316
A stored Cross-site scripting XSS vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field...
CVE-2018-16316
A stored Cross-site scripting XSS vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field...