Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/08/02 8:24 p.m.12 views

CVE-2025-52203

A stored cross-site scripting XSS vulnerability exists in DevaslanPHP project-management v1.2.4. The vulnerability resides in the Ticket Name field, which fails to properly sanitize user-supplied input. An authenticated attacker can inject malicious JavaScript payloads into this field, which are...

7.6CVSS5.1AI score0.00316EPSS
Exploits2References1
NVD
NVD
added 2025/07/31 4:15 p.m.7 views

CVE-2025-52203

A stored cross-site scripting XSS vulnerability exists in DevaslanPHP project-management v1.2.4. The vulnerability resides in the Ticket Name field, which fails to properly sanitize user-supplied input. An authenticated attacker can inject malicious JavaScript payloads into this field, which are...

7.6CVSS0.00316EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.6 views

PT-2025-31555 · Unknown · Devaslanphp Project-Management

Name of the Vulnerable Software and Affected Versions: DevaslanPHP project-management version 1.2.4 Description: A stored cross-site scripting XSS issue exists in DevaslanPHP project-management version 1.2.4. The vulnerability is located in the Ticket Name field, which does not properly sanitize...

7.6CVSS5.5AI score0.00316EPSS
Exploits2References6
OSV
OSV
added 2025/07/31 12:0 a.m.6 views

CVE-2025-52203

A stored cross-site scripting XSS vulnerability exists in DevaslanPHP project-management v1.2.4. The vulnerability resides in the Ticket Name field, which fails to properly sanitize user-supplied input. An authenticated attacker can inject malicious JavaScript payloads into this field, which are...

7.6CVSS5AI score0.00316EPSS
Exploits2References4
Cvelist
Cvelist
added 2025/07/31 12:0 a.m.11 views

CVE-2025-52203

A stored cross-site scripting XSS vulnerability exists in DevaslanPHP project-management v1.2.4. The vulnerability resides in the Ticket Name field, which fails to properly sanitize user-supplied input. An authenticated attacker can inject malicious JavaScript payloads into this field, which are...

0.00316EPSS
Exploits2References2
GithubExploit
GithubExploit
added 2025/06/05 2:54 p.m.204 views

Exploit for Cross-site Scripting in Devaslanphp Project_Management

Exploit Title: Project Management - Stored XSS Google Do...

7.6CVSS5.2AI score0.00316EPSS
Exploits2
Rows per page
Query Builder