Lucene search
K

100 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:9 p.m.7 views

CVE-2021-21260

Online Invoicing System OIS is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XSS which can enables an attacker takeover of the admin account through a payload that extracts a csrf...

7.6CVSS6.2AI score0.00596EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/12 12:0 a.m.5 views

DTP tNexus Airport View 安全漏洞

DTP tNexus Airport View is an application from DTP that helps airport users track and monitor operational information. It is used to track operational updates to enhance airport operations and passenger experience. A security vulnerability exists in DTP tNexus Airport View version 2.8, which stem...

7.5CVSS7AI score0.00519EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:53 p.m.12 views

CVE-2022-28320

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.8AI score0.00946EPSS
Exploits0References1
NVD
NVD
added 2024/11/27 7:15 p.m.28 views

CVE-2024-53855

Centurion ERP Enterprise Rescource Planning is a simple application developed to provide open source IT management with a large emphasis on the IT Service Management ITSM modules. A user who is authenticated and has view permissions for a ticket, can view the tickets of another organization they...

4.3CVSS0.00432EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/11/18 1:30 p.m.13 views

CVE-2024-9526 Stored XSS in Kubeflow Pipeline View

There exists a stored XSS Vulnerability in Kubeflow Pipeline View web UI. The Kubeflow Web UI allows to create new pipelines. When creating a new pipeline, it is possible to add a description. The description field allows html tags, which are not filtered properly. Leading to a stored XSS. We...

7.1CVSS5.9AI score0.00207EPSS
Exploits0References1
OSV
OSV
added 2024/06/14 3:15 p.m.7 views

CVE-2024-37368

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. Due to the lack of proper authentication, this action is allowed without...

7.5CVSS5.8AI score0.00498EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2024/06/08 12:0 a.m.3 views

VulnCheck KEV: CVE-2022-1026

Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function...

8.6CVSS7.1AI score0.15102EPSS
Exploits5References1
OSV
OSV
added 2024/05/03 2:15 a.m.6 views

CVE-2023-32169

D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

9.8CVSS5.9AI score0.56064EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/30 12:0 a.m.4 views

BigProf Online Invoicing System Cross-Site Scripting Vulnerability

BigProf Online Invoicing System OIS is an online invoicing system. A cross-site scripting vulnerability exists in BigProf Online Inventory Manager version 3.2, which stems from a cross-site scripting vulnerability in the FirstRecord parameter of /inventory/batchesview.php...

6.3CVSS6.2AI score0.00388EPSS
Exploits0References1
OSV
OSV
added 2023/10/22 9:36 p.m.3 views

GHSA-9X43-5QCQ-H79Q Django Grappelli Open Redirect vulnerability

views/switch.py in django-grappelli aka Django Grappelli before 2.15.2 attempts to prevent external redirection with startswith"/" but this does not consider a protocol-relative URL e.g., //example.com attack...

6.1CVSS6.4AI score0.0047EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2023/09/22 5:2 a.m.20 views

CVE-2023-43090 Gnome-shell: screenshot tool allows viewing open windows when session is locked

A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool...

5.5CVSS6.6AI score0.00311EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2023/07/11 12:0 a.m.10 views

The vulnerability of the Guest View component in Google Chrome allows a hacker to execute arbitrary code.

The vulnerability of the Guest View component in Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8AI score0.00658EPSS
Exploits0References11Affected Software6
Positive Technologies
Positive Technologies
added 2023/05/17 12:0 a.m.7 views

PT-2023-2874 · D Link · D-Link D-View

Name of the Vulnerable Software and Affected Versions: D-Link D-View affected versions not specified Description: This issue allows remote attackers to create and delete arbitrary files on affected installations of D-Link D-View. Authentication is required to exploit this issue. The specific flaw...

8.3CVSS6.5AI score0.76504EPSS
Exploits0References8
CNNVD
CNNVD
added 2022/05/12 12:0 a.m.4 views

Simple Client Management System SQL注入漏洞

Simple Client Management System is a simple client management system from Carlo Montero's personal developer. version 1.0 of Simple Client Management System is vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in /cms/admin/?page=...

9.8CVSS8.7AI score0.01668EPSS
Exploits1References2
Zero Day Initiative
Zero Day Initiative
added 2022/04/12 12:0 a.m.32 views

Bentley View 3DM File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DM...

7.8CVSS5.9AI score0.00946EPSS
Exploits0References1
NVD
NVD
added 2022/02/18 8:15 p.m.21 views

CVE-2021-46626

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS0.02005EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/02/18 8:15 p.m.5 views

CVE-2021-46626

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.6AI score0.02005EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/02/18 8:15 p.m.8 views

CVE-2021-46570

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS6AI score0.02113EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/02/18 8:15 p.m.8 views

CVE-2021-46571

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.6AI score0.02041EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/01/13 10:15 p.m.6 views

CVE-2021-34943

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS5.2AI score0.01644EPSS
Exploits0References2
Rows per page
Query Builder