Lucene search
+L

174 matches found

CNVD
CNVD
added 2022/03/01 12:0 a.m.45 views

JetBrains Hub server-side request forgery vulnerability

JetBrains Hub is a web-based application from JetBrains Czech Republic. JetBrains Hub has a server-side request forgery vulnerability that stems from the software's lack of validation for request forgery, which can be exploited by attackers to conduct server-side request forgery SSRF attacks...

9.1CVSS3AI score0.02391EPSS
Exploits1References1
CNVD
CNVD
added 2022/03/01 12:0 a.m.44 views

JetBrains Hub has an unspecified vulnerability (CNVD-2022-17757)

JetBrains Hub is a web-based application from JetBrains Czech Republic. The application is capable of integrating multiple JetBrains team tools together.A security vulnerability exists in versions prior to JetBrains Hub 2022.1.14434, which stems from allowing SAML requests to take over. No detail...

9.8CVSS2.3AI score0.0144EPSS
Exploits1References1
CNVD
CNVD
added 2022/02/28 12:0 a.m.20 views

Sourcecodester Hospital Patient Records Management System SQL注入漏洞

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. sourcecodester Hospital Patient Record Management System v1.0 is vulnerable to SQL injection. The vulnerability is caus...

9.8CVSS2.3AI score0.01638EPSS
Exploits2References1
CNVD
CNVD
added 2022/02/28 12:0 a.m.17 views

Sourcecodester Hospital Patient Records Management System SQL注入漏洞(CNVD-2022-48763)

Sourcecodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. sourcecodester Hospital Patient Record Management System v1.0 is vulnerable to SQL injection. The vulnerability is caus...

9.8CVSS2.3AI score0.01638EPSS
Exploits2References1
CNVD
CNVD
added 2022/02/28 12:0 a.m.24 views

Sourcecodester Hospital Patient Records Management System本地文件包含漏洞

Sourcecodester Hospital Patient Records Management System is a web-based application that provides hospitals with an automated platform to store and manage their patient records. sourcecodester Hospital Patient Record Management System v1.0 contains a local file inclusion vulnerability that can b...

7.8CVSS2.8AI score0.01526EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/02/25 12:0 a.m.6 views

JetBrains Hub 跨站脚本漏洞

JetBrains Hub is a web-based application from JetBrains Czech Republic. The application is able to integrate multiple JetBrains team tools together. JetBrains Hub has a cross-site scripting vulnerability that can be exploited by attackers to execute XSS attacks...

6.1CVSS5.2AI score0.00568EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/02/23 11:50 p.m.7 views

CVE-2022-24707 SQL injection in anuko timetracker

Anuko Time Tracker is an open source, web-based time tracking application written in PHP. UNION SQL injection and time-based blind injection vulnerabilities existed in Time Tracker Puncher plugin in versions of anuko timetracker prior to 1.20.0.5642. This was happening because the Puncher plugin...

7.4CVSS9.2AI score0.07159EPSS
Exploits5References3
CNVD
CNVD
added 2022/02/18 12:0 a.m.17 views

Sourcecodester Hospital Patient Records Management System跨站脚本漏洞(CNVD-2022-48765)

Sourcecodester Hospital Patient Records Management System is a web-based application that provides hospitals with an automated platform to store and manage their patient records. sourcecodester Hospital Patient Records Management System is vulnerable to a cross-site scripting vulnerability that...

5.4CVSS1.7AI score0.00824EPSS
Exploits1References1
CNVD
CNVD
added 2022/02/16 12:0 a.m.35 views

K-Box Cross-Site Scripting Vulnerability

K-Box is a web-based application used to manage document, image, video and geographic data. A cross-site scripting vulnerability exists in K-Box, which stems from the fact that the editors of the product's user document summaries and markdown file previews do not securely handle special character...

6.1CVSS4AI score0.00475EPSS
Exploits0References1
NVD
NVD
added 2022/02/14 9:15 p.m.27 views

CVE-2022-23637

K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting XSS vulnerability is present in the markdown editor used by the document abstract and markdown file preview. A specifically crafted anchor link can, if clicked,...

6.1CVSS0.00475EPSS
Exploits0References2
Prion
Prion
added 2022/02/14 9:15 p.m.21 views

Cross site scripting

K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting XSS vulnerability is present in the markdown editor used by the document abstract and markdown file preview. A specifically crafted anchor link can, if clicked,...

3.5CVSS5.5AI score0.00475EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/02/14 8:45 p.m.110 views

CVE-2022-23637

K-Box (web-based document/image/geodata manager) contains a stored XSS vulnerability in the markdown editor used for document abstracts and markdown previews. The issue arises from unsafely handled input in the editor, where a crafted anchor link can trigger untrusted JavaScript actions (e.g., co...

6.1CVSS5.5AI score0.00475EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/02/14 8:45 p.m.26 views

CVE-2022-23637 Stored Cross-Site-Scripting (XSS) in Markdown Editor

K-Box is a web-based application to manage documents, images, videos and geodata. Prior to version 0.33.1, a stored Cross-Site-Scripting XSS vulnerability is present in the markdown editor used by the document abstract and markdown file preview. A specifically crafted anchor link can, if clicked,...

6.1CVSS5.5AI score0.00475EPSS
Exploits0References4
CNVD
CNVD
added 2022/02/09 12:0 a.m.13 views

SourceCodester Simple Cold Storage Management System信息泄露漏洞

Sourcecodester Simple Cold Storage Management System is a web-based application used as a cold storage business website to provide their customers or potential customers with an easy-to-access platform to learn about their company. sourceCodester Simple Cold Storage Management System has a securi...

9.8CVSS3.8AI score0.01096EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/02/01 12:0 a.m.4 views

Sourcecodester Simple Client Management System SQL注入漏洞

Sourcecodester Simple Client Management System is a simple web-based application that provides an online platform to manage company customer invoices. sourcecodester Simple Client Management System is vulnerable to SQL injection vulnerability, which stems from the application's lack of validation...

9.8CVSS6AI score0.07515EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/01/26 12:0 a.m.8 views

Sourcecodester Hospital Patient Records Management System 跨站脚本漏洞

SourceCodester Hospital Patient Records Management System is a web-based PHP application that provides an automated platform for hospitals to store and manage their patient records. A cross-site scripting vulnerability exists in version 1.0 of the Management System. The vulnerability is related t...

5.4CVSS5.3AI score0.00839EPSS
Exploits1References3
CNVD
CNVD
added 2022/01/26 12:0 a.m.22 views

SourceCodester Hospital Patient Records Management System horizontal override vulnerability

SourceCodester Hospital Patient Records Management System is a web-based application that provides an automated platform for hospitals to store and manage their patient records. sourceCodester Hospital Patient Records Management System version 1.0 contains a horizontal override vulnerability, whi...

5.3CVSS2.3AI score0.00989EPSS
Exploits0References1
CNVD
CNVD
added 2022/01/25 12:0 a.m.21 views

SourceCodester Online Railway Reservation system SQL注入漏洞

SourceCodester Online Railway Reservation system is a web-based application that provides an online platform for rail or train station passengers or potential passengers to browse their schedules and reserve seats. sourceCodester Online Railway Reservation system is vulnerable to a SQL injection...

10CVSS3.7AI score0.01556EPSS
Exploits1References1
CNVD
CNVD
added 2022/01/25 12:0 a.m.17 views

SourceCodester Budget and Expense Tracker System SQL注入漏洞

SourceCodester Budget And Expense Tracker System is a web-based application from Carlo Montero's personal developer. SourceCodester Budget and Expense Tracker System is vulnerable in v1.0 due to a lack of SQL data escaping and filtering in the software. An attacker could use the user name field t...

9.8CVSS4AI score0.02592EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/01/12 12:0 a.m.7 views

Cisco Unified Contact Center Management Portal和Cisco Unified Contact Center Domain Manager 安全漏洞

Cisco Unified Contact Center Management Portal and Cisco Unified Contact Center Domain Manager are both products of Cisco Corporation. Management Portal is an intuitive and secure Web-based application that allows supervisors and managers to meet the complex and changing demands of the contact...

9.6CVSS8.6AI score0.01393EPSS
Exploits0References4
Rows per page
Query Builder