Lucene search
K

39 matches found

NVD
NVD
added 2019/06/03 9:29 p.m.17 views

CVE-2019-9839

VFront 0.99.5 has Reflected XSS via the admin/menuregistri.php descrizioneg parameter or the admin/syncregtab.php azzera parameter...

6.1CVSS6.1AI score0.01011EPSS
Exploits2References2
Prion
Prion
added 2019/06/03 9:29 p.m.14 views

Cross site scripting

VFront 0.99.5 has Reflected XSS via the admin/menuregistri.php descrizioneg parameter or the admin/syncregtab.php azzera parameter...

4.3CVSS6AI score0.01011EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2019/06/03 9:29 p.m.6 views

CVE-2019-9839

VFront 0.99.5 has Reflected XSS via the admin/menuregistri.php descrizioneg parameter or the admin/syncregtab.php azzera parameter...

6.1CVSS6.3AI score0.01011EPSS
Exploits2References2
OSV
OSV
added 2019/06/03 9:29 p.m.6 views

CVE-2019-9838

VFront 0.99.5 has stored XSS via the admin/syncregtab.php azzera parameter, which is mishandled during admin/errorlog.php rendering...

6.1CVSS6.3AI score0.01058EPSS
Exploits2References2
Prion
Prion
added 2019/06/03 9:29 p.m.19 views

Cross site scripting

VFront 0.99.5 has stored XSS via the admin/syncregtab.php azzera parameter, which is mishandled during admin/errorlog.php rendering...

4.3CVSS5.9AI score0.01058EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2019/06/03 8:46 p.m.84 views

CVE-2019-9838

Summary: CVE-2019-9838 affects VFront 0.99.5 with a stored XSS vulnerability. The issue occurs in the parameter azzera of admin/sync_reg_tab.php and is mishandled during rendering in admin/error_log.php. Affected software: VFront 0.99.5 (PHP/JavaScript front-end tooling for MySQL/PostgreSQL). Roo...

6.1CVSS5.9AI score0.01058EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2019/06/03 8:46 p.m.22 views

CVE-2019-9838

VFront 0.99.5 has stored XSS via the admin/syncregtab.php azzera parameter, which is mishandled during admin/errorlog.php rendering...

6AI score0.01058EPSS
Exploits2References2
Cvelist
Cvelist
added 2019/06/03 8:44 p.m.15 views

CVE-2019-9839

VFront 0.99.5 has Reflected XSS via the admin/menuregistri.php descrizioneg parameter or the admin/syncregtab.php azzera parameter...

6.1AI score0.01011EPSS
Exploits2References2
CVE
CVE
added 2019/06/03 8:44 p.m.85 views

CVE-2019-9839

VFront 0.99.5 is affected by a Reflected Cross‑Site Scripting (XSS) vulnerability. The issue is triggered via the admin/menu_registri.php descrizione_g parameter or the admin/sync_reg_tab.php azzera parameter. Public references describe it as a reflected XSS with proof patterns such as [removed]a...

6.1CVSS6AI score0.01011EPSS
Exploits2References2Affected Software1
Packet Storm
Packet Storm
added 2019/05/28 12:0 a.m.135 views

VFront 0.99.5 Reflective Cross Site Scripting

Multiple Reflected Cross-site Scripting Vulnerabilities in VFront 0.99.5 Information -------------------- Advisory by Netsparker Name: Multiple Reflected Cross-site Scripting in VFront 0.99.5 Affected Software: VFront Affected Versions: 0.99.5 Homepage: http://www.vfront.org/ Vulnerability:...

6.4AI score0.01011EPSS
Exploits2
CNVD
CNVD
added 2019/05/28 12:0 a.m.4 views

VFront Cross-Site Scripting Vulnerability

VFront is a set of PHP and Javascript written for MySQL or PostgreSQL database open source front-end management tools . A cross-site scripting vulnerability exists in Vfront version 0.99.5. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

6.1CVSS6.4AI score0.01058EPSS
Exploits2References1
Packet Storm
Packet Storm
added 2019/05/28 12:0 a.m.152 views

VFront 0.99.5 Persistent Cross Site Scripting

Stored Cross-site Scripting Vulnerability in VFront 0.99.5 Information -------------------- Advisory by Netsparker Name: Stored Cross-site Scripting Vulnerability in VFront Affected Software: VFront Affected Versions: 0.99.5 Homepage: http://www.vfront.org/ Vulnerability: Stored Cross-site...

6.4AI score0.01058EPSS
Exploits2
CNVD
CNVD
added 2015/06/09 12:0 a.m.1 views

Multiple vulnerabilities in vfront

vfront is a set of open source based on PHP and JavaScript MySQL or PostgreSQL database front-end management tools . There are multiple security vulnerabilities in vfront , allowing attackers to exploit vulnerabilities in cross-site scripting , cross-site request forgery , and HTML injection...

6.7AI score
Exploits0References1
securityvulns
securityvulns
added 2015/06/08 12:0 a.m.87 views

vfront-0.99.2 CSRF & Persistent XSS

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-VFRONT0602.txt Vendor: ============== www.vfront.org Product: =================================================================================== vfront-0.99.2 is a PHP web...

6.2AI score
Exploits0
0day.today
0day.today
added 2015/06/04 12:0 a.m.28 views

vfront 0.99.2 CSRF & Persistent XSS Vulnerabilities

Exploit for php platform in category web applications Exploit Title: CSRF & Persistent XSS Google Dork: intitle: CSRF & Persistent XSS Date: 2015-06-02 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org/ Vendor Homepage: www.vfront.org Software Link: www.vfront.org Version:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2015/06/03 12:0 a.m.19 views

VFront 0.99.2 - Cross-Site Request Forgery Persistent Cross-Site Scripting

VFront 0.99.2 - Cross-Site Request Forgery Persistent Cross-Site Scripting Exploit Title: CSRF & Persistent XSS Google Dork: intitle: CSRF & Persistent XSS Date: 2015-06-02 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org/ Vendor Homepage: www.vfront.org Software Link:...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2015/06/03 12:0 a.m.21 views

VFront 0.99.2 - Cross-Site Request Forgery / Persistent Cross-Site Scripting

Exploit Title: CSRF & Persistent XSS Google Dork: intitle: CSRF & Persistent XSS Date: 2015-06-02 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org/ Vendor Homepage: www.vfront.org Software Link: www.vfront.org Version: 0.99.2 Tested on: windows 7 Category: webapps Product:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2015/06/02 12:0 a.m.30 views

vfront 0.99.2 Cross Site Request Forgery / Cross Site Scripting

Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-VFRONT0602.txt Vendor: ==============www.vfront.org Product: =================================================================================== vfront-0.99.2 is a PHP web...

0.1AI score
Exploits0
0day.today
0day.today
added 2011/02/22 12:0 a.m.23 views

VFront 0.95m (need login) Persistant XSS Vunerability

Exploit for php platform in category web applications author: lemlajt software : VFront vendor: http://www.vfront.org/ version: 0.95m tested on: linux cve : PoC : Go to: http://192.168.1.123/www/cmsadmins/vfr/vfront-0.95m/admin/menuregistri.php?gid=0&modificagid&feed=modok In "Modify...

7.1AI score
Exploits0
Rows per page
Query Builder