Lucene search
K

23 matches found

RedhatCVE
RedhatCVE
added 2026/06/01 10:3 p.m.12 views

CVE-2026-10155

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accountsreportsearch of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument dtpToDat...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:29 p.m.4 views

CVE-2023-40519

A cross-site scripting XSS vulnerability in the bpk-common/auth/login/index.html login portal in Broadpeak Centralized Accounts Management Auth Agent 01.01.00.19219575ee9195b0, 01.01.01.30097902fd999e76, and 00.12.01.95655881254b459 allows remote attackers to inject arbitrary web script or HTML v...

6.1CVSS5.7AI score0.00368EPSS
Exploits0References1
OSV
OSV
added 2025/11/26 8:15 p.m.6 views

CVE-2025-65276

An unauthenticated administrative access vulnerability exists in the open-source HashTech project https://github.com/henzljw/hashtech 1.0 thru commit 5919decaff2681dc250e934814fc3a35f6093ee5 2021-07-02. Due to missing authentication checks on /adminindex.php, an attacker can directly access the...

9.8CVSS5.9AI score0.00364EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/26 12:0 a.m.9 views

CVE-2025-65276

An unauthenticated administrative access vulnerability exists in the open-source HashTech project https://github.com/henzljw/hashtech 1.0 thru commit 5919decaff2681dc250e934814fc3a35f6093ee5 2021-07-02. Due to missing authentication checks on /adminindex.php, an attacker can directly access the...

0.00364EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-8017

Malware in sbrugna...

6.5CVSS6.9AI score0.00838EPSS
Exploits0References3
OSV
OSV
added 2023/11/24 11:6 a.m.6 views

OESA-2023-1852 shadow security update

Tools for managing accounts and shadow password files. Security Fixes: shadow: TOCTOU time-of-check time-of-use race condition when copying and removing directory treesCVE-2013-4235...

4.7CVSS7.1AI score0.00308EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/10/03 9:15 p.m.5 views

CVE-2023-40519

A cross-site scripting XSS vulnerability in the bpk-common/auth/login/index.html login portal in Broadpeak Centralized Accounts Management Auth Agent 01.01.00.19219575ee9195b0, 01.01.01.30097902fd999e76, and 00.12.01.95655881254b459 allows remote attackers to inject arbitrary web script or HTML v...

6.1CVSS6.4AI score0.00368EPSS
Exploits0References2
OSV
OSV
added 2023/10/03 9:15 p.m.5 views

CVE-2023-40519

A cross-site scripting XSS vulnerability in the bpk-common/auth/login/index.html login portal in Broadpeak Centralized Accounts Management Auth Agent 01.01.00.19219575ee9195b0, 01.01.01.30097902fd999e76, and 00.12.01.95655881254b459 allows remote attackers to inject arbitrary web script or HTML v...

6.1CVSS5.8AI score0.00368EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/03 12:0 a.m.10 views

CVE-2023-40519

A cross-site scripting XSS vulnerability in the bpk-common/auth/login/index.html login portal in Broadpeak Centralized Accounts Management Auth Agent 01.01.00.19219575ee9195b0, 01.01.01.30097902fd999e76, and 00.12.01.95655881254b459 allows remote attackers to inject arbitrary web script or HTML v...

5.7AI score0.00368EPSS
Exploits0References1
CVE
CVE
added 2023/10/03 12:0 a.m.51 views

CVE-2023-40519

CVE-2023-40519 describes a cross-site scripting (XSS) vulnerability in the Broadpeak Centralized Accounts Management Auth Agent, specifically the login portal at bpk-common/auth/login/index.html. The issue can be triggered by a malicious value in the disconnectMessage parameter, enabling remote a...

6.1CVSS5.9AI score0.00368EPSS
Exploits0References1Affected Software1
Gentoo Linux
Gentoo Linux
added 2022/10/31 12:0 a.m.37 views

Shadow: TOCTOU Race

Background Shadow contains utilities to deal with user accounts Description A TOCTOU race condition was discovered in shadow. A local attacker with write privileges in a directory removed or copied by usermod/userdel could potentially exploit this flaw when the administrator invokes...

4.7CVSS4.4AI score0.00308EPSS
Exploits0
OSV
OSV
added 2022/03/30 11:15 p.m.3 views

CVE-2022-26644

Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting XSS vulnerabilities via parameters on user profile, systeminfo and accounts management...

6.1CVSS5.7AI score0.00631EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/03/30 11:15 p.m.2 views

CVE-2022-26644

Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting XSS vulnerabilities via parameters on user profile, systeminfo and accounts management...

6.1CVSS6.3AI score0.00631EPSS
Exploits1References3
NVD
NVD
added 2022/03/30 11:15 p.m.20 views

CVE-2022-26644

Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting XSS vulnerabilities via parameters on user profile, systeminfo and accounts management...

6.1CVSS0.00631EPSS
Exploits1References1
Prion
Prion
added 2022/03/30 11:15 p.m.17 views

Cross site scripting

Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting XSS vulnerabilities via parameters on user profile, systeminfo and accounts management...

4.3CVSS6.2AI score0.00631EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/03/30 10:51 p.m.36 views

CVE-2022-26644

Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting XSS vulnerabilities via parameters on user profile, systeminfo and accounts management...

6.3AI score0.00631EPSS
Exploits1References1
CVE
CVE
added 2022/03/30 10:51 p.m.98 views

CVE-2022-26644

The CVE-2022-26644 entry concerns Online Banking System Protect v1.0 with multiple cross-site scripting (XSS) flaws exploitable through parameters on user profile, system_info, and accounts management. This is documented across multiple sources (NVD/Red Hat and PT Security). Root cause is XSS in ...

6.1CVSS6.1AI score0.00631EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/03/30 12:0 a.m.4 views

PT-2022-17976

Name of the Vulnerable Software and Affected Versions Online Banking System Protect version 1.0 Description The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities are accessible via parameters on the user profile, system info, and accounts management pages...

6.1CVSS6AI score0.00631EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.9 views

The vulnerability of the Windows operating system, which allows a hacker to bypass the account locking mechanism

The vulnerability that allows bypassing the protection mechanism is related to incorrect checking of the user lock status by the SAMR protocol remote security account management...

5.4CVSS5.5AI score0.10249EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2012/11/20 12:0 a.m.35 views

SonicWALL CDP 5040 6.x Cross Site Scripting

Title: ====== SonicWALL CDP 5040 v6.x - Multiple Web Vulnerabilities Date: ===== 2012-11-19 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=549 VL-ID: ===== 549 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: =============...

Exploits0
Rows per page
Query Builder