11 matches found
EUVD-2018-8167
Malware in sbrugna...
PT-2024-21643 · Unknown · Hoppscotch
Name of the Vulnerable Software and Affected Versions: Hoppscotch versions prior to 2023.12.6 Description: Hoppscotch is an API development ecosystem. Due to the lack of validation for fields like Label Edit Team - TeamName, bad actors can send emails with spoofed content as Hoppscotch. Part of t...
CVE-2023-36941
A cross-site scripting XSS vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and member fields...
Online Fire Reporting System 跨站脚本漏洞
Online Fire Reporting System is an online fire reporting system by Carlo Montero, an individual developer. A security vulnerability exists in Online Fire Reporting System version 1.2, which is caused by a cross-site scripting XSS vulnerability in several fields, including team name. The...
PT-2023-25747 · Unknown · Phpgurukul Online Fire Reporting System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Fire Reporting System Using PHP and MySQL version 1.2 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and...
Portainer Cross-Site Scripting Vulnerability
Portainer is a lightweight user management interface for managing Docker environments and Docker hosts. A cross-site scripting vulnerability exists in Portainer 1.19.1 and earlier versions, which can be exploited by remote attackers to inject arbitrary JavaScript code and or HTML with the help of...
Cross-site Scripting (XSS)
github.com/portainer/portainer is vulnerable to cross-site scripting XSS attacks. The library does not use HTTP Secure Headers, allowing a malicious user to inject and execute arbitrary Javascript through the Team Name field...
Cross site scripting
A stored Cross-site scripting XSS vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field...
CVE-2018-16316
A stored Cross-site scripting XSS vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field...
CVE-2018-16316
A stored Cross-site scripting XSS vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field...
CVE-2018-16316
A stored Cross-site scripting XSS vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field...