15 matches found
EUVD-2022-40800
Malicious code in bioql PyPI...
CVE-2024-43280
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.8.1...
Cross site scripting
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted link that is stored in the site configuration which when clicked could potentially execute arbitrary JavaScrip...
Esri ArcGIS Server 跨站脚本漏洞
Esri ArcGIS Server is a web-oriented, enterprise-class software platform from Esri that can be used to provide geolocation services. A cross-site scripting vulnerability exists in Esri ArcGIS Server versions 10.8.1 through 11.1 that stems from the presence of a cross-site scripting XSS...
Esri Portal For ArcGIS 跨站脚本漏洞
Esri Portal For ArcGIS is a component from Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A cross-site scripting vulnerability exists in Esri Portal For ArcGIS versions 10.8.1 through 10.9, which stems from the presen...
PT-2023-20342 · Esri · Esri Portal Sites
Name of the Vulnerable Software and Affected Versions: Esri Portal Sites versions 10.8.1 through 10.9 Description: The issue is a Cross-site Scripting vulnerability that may allow a remote, authenticated attacker to create a crafted link which, when clicked, could potentially execute arbitrary...
PT-2023-20347 · Esri · Arcgis Server
Name of the Vulnerable Software and Affected Versions: ArcGIS Server versions 10.8.1 through 11.1 Description: The issue is related to a Cross-site Scripting vulnerability that may allow a remote, authenticated attacker to create a crafted link. This link could potentially render an image in the...
Esri Portal For ArcGIS 代码问题漏洞
Esri Portal For ArcGIS is a component from Environmental Systems Research Institute Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A code issue vulnerability exists in Esri Portal for ArcGIS 10.8.1 and prior versions...
PT-2022-24284 · Esri · Esri Portal For Arcgis
Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS versions 10.7.1 through 10.8.1 Description: The issue is related to a reflected XSS vulnerability that may allow a remote, unauthenticated attacker to create a crafted link. When clicked, this link could execute arbitra...
Esri Portal For ArcGIS 跨站脚本漏洞
Esri Portal For ArcGIS is a component from Environmental Systems Research Institute Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A cross-site scripting vulnerability exists in Esri Portal for ArcGIS versions 10.8.1...
CVE-2022-38200
A cross site scripting vulnerability exists in some map service configurations of ArcGIS Server versions 10.8.1 and 10.7.1. Specifically crafted web requests can execute arbitrary JavaScript in the context of the victim's browser...
Cross site scripting
A cross site scripting vulnerability exists in some map service configurations of ArcGIS Server versions 10.8.1 and 10.7.1. Specifically crafted web requests can execute arbitrary JavaScript in the context of the victim's browser...
PT-2022-16426 · Adenza · Adenza Axiomsl Controllerview
Name of the Vulnerable Software and Affected Versions: Adenza AxiomSL ControllerView versions through 10.8.1 Description: The issue allows an attacker to identify valid usernames on the platform due to a difference in error messages produced by failed login attempts when the username is valid...
CVE-2021-29105
A stored Cross Site Scripting XSS vulnerability in Esri ArcGIS Server Services Directory version 10.8.1 and below may allow a remote authenticated attacker to pass and store malicious strings in the ArcGIS Services Directory...
CVE-2021-29099 There is a SQL injection vulnerability in ArcGIS Server
A SQL injection vulnerability exists in some configurations of ArcGIS Server versions 10.8.1 and earlier. Specially crafted web requests can expose information that is not intended to be disclosed not customer datasets. Web Services that use file based data sources file Geodatabase or Shape Files...