Lucene search
K

168 matches found

Vulnrichment
Vulnrichment
added 2024/08/06 1:7 p.m.20 views

CVE-2024-33992 Cross-Site Scripting (XSS) vulnerability in Janobe School Event Management System

Cross-Site Scripting XSS vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the 'view' parameter in '/student/index.php'...

7.1CVSS5.4AI score0.00239EPSS
Exploits0References1
CVE
CVE
added 2024/08/06 1:7 p.m.46 views

CVE-2024-33992

CVE-2024-33992 is a Cross-Site Scripting (XSS) vulnerability in School Event Management System v1.0. The flaw allows an attacker to craft a query to the server and retrieve all stored data through the view parameter in /student/index.php. Connected sources corroborate the vulnerability and recomm...

7.1CVSS5.4AI score0.00239EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/08/06 1:6 p.m.30 views

CVE-2024-33990 Cross-Site Scripting (XSS) vulnerability in Janobe School Event Management System

Cross-Site Scripting XSS vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an authenticated user and partially take over their browser session via the 'id' and 'view' parameters ...

7.1CVSS0.00239EPSS
Exploits0References1
CVE
CVE
added 2024/08/06 1:6 p.m.36 views

CVE-2024-33990

CVE-2024-33990 describes a Cross-Site Scripting (XSS) vulnerability in School Event Management System v1.0 . The issue can be triggered by an authenticated user who receives a specially crafted payload via the id and view parameters in /user/index.php , allowing an attacker to partially take over...

7.1CVSS5.6AI score0.00239EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/06 1:2 p.m.18 views

CVE-2024-33986 Cross-Site Scripting (XSS) vulnerability in Janobe products

Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'View' parameter in...

7.1CVSS5.8AI score0.00291EPSS
Exploits0References1
CVE
CVE
added 2024/08/06 1:2 p.m.36 views

CVE-2024-33986

The CVE-2024-33986 issue is a Cross-Site Scripting (XSS) vulnerability in Janobe-based School Attendance Monitoring System and School Event Management System (version 1.0). The root cause is untrusted input in the web interface that can be injected via the View parameter in /department/index.php,...

7.1CVSS6.2AI score0.00291EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2024/08/06 1:2 p.m.18 views

CVE-2024-33985 Cross-Site Scripting (XSS) vulnerability in Janobe products

Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'View' parameter in '/course/index.php...

7.1CVSS5.8AI score0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/06 1:2 p.m.20 views

CVE-2024-33985 Cross-Site Scripting (XSS) vulnerability in Janobe products

Cross-Site Scripting XSS vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'View' parameter in '/course/index.php...

7.1CVSS0.00291EPSS
Exploits0References1
CVE
CVE
added 2024/08/06 1:2 p.m.31 views

CVE-2024-33985

CVE-2024-33985 is a Cross-Site Scripting (XSS) vulnerability in Janobe’s School Attendance Monitoring System and School Event Management System (version 1.0). A crafted URL can cause the victim to disclose session cookies via the View parameter in /course/index.php. Documents confirm affected pro...

7.1CVSS6.2AI score0.00291EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2024/08/06 11:16 a.m.3 views

CVE-2024-33977

Cross-Site Scripting XSS vulnerability in E-Negosyo System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session cookie details via 'view' parameter in /admin/orders/index.php'...

6.1CVSS5.8AI score0.00262EPSS
Exploits0References1
OSV
OSV
added 2024/08/06 11:16 a.m.1 views

CVE-2024-33975

Cross-Site Scripting XSS vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted JavaScript payload to an authenticated user and partially take over their browser session via 'view' parameter in '/admin/products/index.ph...

6.1CVSS5.8AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/06 10:58 a.m.22 views

CVE-2024-33977 Cross-site Scripting in Janobe E-Negosyo System

Cross-Site Scripting XSS vulnerability in E-Negosyo System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session cookie details via 'view' parameter in /admin/orders/index.php'...

7.1CVSS0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/06 10:54 a.m.17 views

CVE-2024-33975 Cross-site Scripting in Janobe E-Negosyo System

Cross-Site Scripting XSS vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted JavaScript payload to an authenticated user and partially take over their browser session via 'view' parameter in '/admin/products/index.ph...

7.1CVSS5.5AI score0.00239EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/06 12:0 a.m.5 views

School Event Management System 跨站脚本漏洞

School Event Management System is a school event management system. A cross-site scripting vulnerability exists in School Event Management System version 1.0. An attacker can create a specially crafted URL and send it to a victim to obtain their session details via the "view" parameter in...

7.1CVSS6.1AI score0.00239EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/06 12:0 a.m.6 views

Young Entrepreneur E-Negosyo System 跨站脚本漏洞

Young Entrepreneur E-Negosyo System is a Young Entrepreneur E-Negosyo System by janobe individual developers. A cross-site scripting vulnerability exists in Young Entrepreneur E-Negosyo System version 1.0. An attacker can create a specially crafted URL and send it to a victim to obtain their...

7.1CVSS6.1AI score0.00262EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/06 12:0 a.m.7 views

PT-2024-25625 · Unknown · School Management System

Name of the Vulnerable Software and Affected Versions: School Event Management System version 1.0 Description: The issue is related to a Cross-Site Scripting XSS vulnerability. An attacker could create a specially crafted URL and send it to a victim to obtain their session details via the view...

7.1CVSS5.7AI score0.00239EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/08/06 12:0 a.m.6 views

PT-2024-25597 · Paypal · Paypal

Name of the Vulnerable Software and Affected Versions: Payment system versions 1.0 Description: A SQL injection issue affects the PayPal, Credit Card, and Debit Card Payment system. An attacker could exploit this by sending a specially crafted query to the server, allowing them to retrieve all...

9.8CVSS7.3AI score0.0041EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/06 12:0 a.m.4 views

School Attendance Monitoring System和School Event Management System 跨站脚本漏洞

School Event Management System is a school event management system and School Attendance Monitoring System is a school attendance monitoring system. A cross-site scripting vulnerability exists in School Attendance Monitoring System and School Event Management System version 1.0. An attacker can...

7.1CVSS6.1AI score0.00291EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/06 12:0 a.m.4 views

Young Entrepreneur E-Negosyo System 跨站脚本漏洞

Young Entrepreneur E-Negosyo System is a Young Entrepreneur E-Negosyo System by janobe individual developers. A cross-site scripting vulnerability exists in Young Entrepreneur E-Negosyo System version 1.0. An attacker can use this vulnerability to send a specially crafted JavaScript load to a use...

7.1CVSS6.1AI score0.00239EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/06 12:0 a.m.3 views

School Event Management System 安全漏洞

School Event Management System is a school event management system. A security vulnerability exists in School Event Management System version 1.0. The vulnerability can be exploited to send a specially crafted JavaScript load to a user to take over their browser session via the "id" and "view in...

7.1CVSS6.7AI score0.00239EPSS
Exploits0References2
Rows per page
Query Builder