Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

282 matches found

Prion
Prionadded 2023/07/23 7:15 a.m.13 views

Cross site scripting

A vulnerability classified as problematic has been found in mooSocial mooDating 1.2. This affects an unknown part of the file /pages of the component URL Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-235197 was assigned...

4CVSS5.9AI score0.03648EPSS
Exploits4References3Affected Software1
Cvelist
Cvelistadded 2023/07/23 7:0 a.m.20 views

CVE-2023-3846 mooSocial mooDating URL pages cross site scripting

A vulnerability classified as problematic has been found in mooSocial mooDating 1.2. This affects an unknown part of the file /pages of the component URL Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-235197 was assigned...

4CVSS6.1AI score0.03648EPSS
Exploits4References3
NVD
NVDadded 2023/07/23 6:15 a.m.14 views

CVE-2023-3845

A vulnerability was found in mooSocial mooDating 1.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /friends/ajaxinvite of the component URL Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The...

6.1CVSS4.7AI score0.03648EPSS
Exploits4References3
CVE
CVEadded 2023/07/23 5:31 a.m.52 views

CVE-2023-3844

mooSocial mooDating 1.2 contains a cross-site scripting flaw in the /friends URL Handler. An attacker can remotely craft a URL to inject malicious JavaScript, potentially stealing session cookies and accessing user data. The issue is confirmed across multiple sources (NVD entry, Nuclei template, ...

6.1CVSS4.7AI score0.03648EPSS
Exploits4References3Affected Software1
Cvelist
Cvelistadded 2023/07/23 5:31 a.m.24 views

CVE-2023-3844 mooSocial mooDating URL friends cross site scripting

A vulnerability was found in mooSocial mooDating 1.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /friends of the component URL Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The...

4CVSS6.2AI score0.03648EPSS
Exploits4References3
NVD
NVDadded 2023/07/23 5:15 a.m.14 views

CVE-2023-3843

A vulnerability was found in mooSocial mooDating 1.2. It has been classified as problematic. Affected is an unknown function of the file /matchmakings/question of the component URL Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-235194 is...

6.1CVSS4.8AI score0.03648EPSS
Exploits4References3
Prion
Prionadded 2023/07/23 5:15 a.m.8 views

Cross site scripting

A vulnerability was found in mooSocial mooDating 1.2. It has been classified as problematic. Affected is an unknown function of the file /matchmakings/question of the component URL Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-235194 is...

4CVSS5.9AI score0.03648EPSS
Exploits4References3Affected Software1
Positive Technologies
Positive Technologiesadded 2023/07/23 12:0 a.m.3 views

PT-2023-26462 · Unknown · Moosocial Moodating

Name of the Vulnerable Software and Affected Versions: mooSocial mooDating version 1.2 Description: A problematic issue has been found in the processing of the file /users/view of the component URL Handler, leading to cross site scripting. The attack may be initiated remotely. Recommendations: Fo...

6.1CVSS4.2AI score0.03678EPSS
Exploits4References6
Prion
Prionadded 2023/03/06 4:15 p.m.24 views

Cross site scripting

A vulnerability classified as problematic was found in nuxsmin sysPass up to 3.2.4. Affected by this vulnerability is an unknown functionality of the component URL Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 3.2.5 is able to...

4.9CVSS5.3AI score0.00522EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichmentadded 2023/03/06 3:31 p.m.6 views

CVE-2022-4930 nuxsmin sysPass URL cross site scripting

A vulnerability classified as problematic was found in nuxsmin sysPass up to 3.2.4. Affected by this vulnerability is an unknown functionality of the component URL Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 3.2.5 is able to...

4CVSS6.5AI score0.00522EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2023/03/06 12:0 a.m.6 views

PT-2023-15917 · Nuxsmin · Syspass

Name of the Vulnerable Software and Affected Versions: nuxsmin sysPass versions up to 3.2.4 Description: A problematic vulnerability was found in the URL Handler component, leading to cross-site scripting. The attack can be launched remotely. Recommendations: For versions up to 3.2.4, upgrade to...

5.4CVSS6.8AI score0.00522EPSS
Exploits0References8
SUSE CVE
SUSE CVEadded 2023/02/15 4:36 a.m.3 views

SUSE CVE-2017-17520

tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior,...

8.8CVSS7.1AI score0.01896EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2023/02/15 4:14 a.m.2 views

SUSE CVE-2019-9801

Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a "URL Handler" in the Windows registry...

5.3CVSS8.2AI score0.0131EPSS
Exploits0References9
Veracode
Veracodeadded 2023/01/11 10:21 a.m.15 views

Cross-site Scripting (XSS)

ldapcherry is vulnerable to cross-site scripting. The vulnerability exists in init.py due to a lack of validation in the URL handler component which allows an attacker to inject and execute malicious JavaScript...

6.1CVSS5.9AI score0.00537EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blogadded 2023/01/05 9:30 a.m.25 views

LdapCherry Cross-site Scripting vulnerbaility

A vulnerability, which was classified as problematic, was found in kakwa LdapCherry up to 0.x. Affected is an unknown function of the component URL Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.0.0 is able to address...

6.1CVSS2.4AI score0.00537EPSS
Exploits0References8Affected Software1
OSV
OSVadded 2023/01/05 9:30 a.m.16 views

GHSA-VQ8W-X8V7-F88M LdapCherry Cross-site Scripting vulnerbaility

A vulnerability, which was classified as problematic, was found in kakwa LdapCherry up to 0.x. Affected is an unknown function of the component URL Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.0.0 is able to address...

6.1CVSS5.9AI score0.00537EPSS
Exploits0References8
OSV
OSVadded 2023/01/05 8:15 a.m.16 views

CVE-2019-25095

A vulnerability, which was classified as problematic, was found in kakwa LdapCherry up to 0.x. Affected is an unknown function of the component URL Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.0.0 is able to address...

6.1CVSS6AI score
Exploits0References5
CVE
CVEadded 2023/01/05 7:44 a.m.65 views

CVE-2019-25095

CVE-2019-25095 affects kakwa LdapCherry prior to 1.0.0. The vulnerability is a Cross-Site Scripting flaw stemming from an unknown function in the component URL Handler, enabling remote attack. Upgrading to version 1.0.0 addresses the issue (patch SHA 6f98076281e9452fdb1adcd1bcbb70a6f968ade9). Ven...

6.1CVSS4.7AI score0.00537EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2023/01/05 7:44 a.m.19 views

CVE-2019-25095 kakwa LdapCherry URL cross site scripting

A vulnerability, which was classified as problematic, was found in kakwa LdapCherry up to 0.x. Affected is an unknown function of the component URL Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.0.0 is able to address...

4CVSS6AI score0.00537EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2023/01/05 12:0 a.m.2 views

PT-2023-11353 · Unknown · Ldapcherry

Name of the Vulnerable Software and Affected Versions: kakwa LdapCherry versions up to 0.x Description: A problematic issue was found in the URL Handler component, leading to cross site scripting. The attack can be launched remotely, affecting an unknown function. Recommendations: For versions up...

6.1CVSS6.6AI score0.00537EPSS
Exploits0References11
Rows per page
Query Builder