Lucene search
K

214 matches found

OSV
OSV
•added 2021/07/09 5:15 p.m.•4 views

CVE-2020-21333

Cross Site Scripting XSS vulnerability in PublicCMS 4.0 to get an admin cookie when the Administrator reviews submit case...

5.4CVSS6.1AI score0.00475EPSS
Exploits1References1
NVD
NVD
•added 2021/07/09 5:15 p.m.•15 views

CVE-2020-21333

Cross Site Scripting XSS vulnerability in PublicCMS 4.0 to get an admin cookie when the Administrator reviews submit case...

5.4CVSS0.00475EPSS
Exploits1References1
Prion
Prion
•added 2021/07/09 5:15 p.m.•11 views

Cross site scripting

Cross Site Scripting XSS vulnerability in PublicCMS 4.0 to get an admin cookie when the Administrator reviews submit case...

3.5CVSS5.3AI score0.00475EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
•added 2021/07/09 4:41 p.m.•16 views

CVE-2020-21333

Cross Site Scripting XSS vulnerability in PublicCMS 4.0 to get an admin cookie when the Administrator reviews submit case...

5.3AI score0.00475EPSS
Exploits1References1
Huntr
Huntr
•added 2021/07/02 4:30 a.m.•9 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system

āœļø Description There is a Stored XSS in the online invoicing system view price history which is lead by adding invoice items. šŸ’„ TESTED VERSION https://github.com/bigprof-software/online-invoicing-system/releases/tag/v5.0 šŸ•µļøā€ā™‚ļø Proof of Concept POC Video:...

0.2AI score
Exploits0
Packet Storm
Packet Storm
•added 2021/01/05 12:0 a.m.•250 views

Click2Magic 1.1.5 Cross Site Scripting

Exploit Title: Click2Magic 1.1.5 - Stored Cross-Site Scripting Exploit Author: Shivam Vermacyb3rn3rd Date: 2020-12-25 Google Dork: N/A Vendor Homepage: https://www.click2magic.com/user/agent/index Software Link: https://www.click2magic.com Version: 1.1.5 Category: Web Application Tested on: Kali...

7.4AI score
Exploits0
Gitee
Gitee
•added 2020/10/06 8:53 p.m.•3 views

Exploit for CVE-2018-9995

This is a Python script, getDVRCredentials.py, that exploits a vulnerability in DVR systems to obtain exposed credentials. The script is designed to target various DVR systems, including Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login. The script...

9.8CVSS7AI score0.83151EPSS
Exploits13
ATTACKERKB
ATTACKERKB
•added 2020/08/25 3:15 p.m.•11 views

CVE-2020-24609

TechKshetra Info Solutions Pvt. Ltd Savsoft Quiz 5.5 and earlier has XSS which can result in an attacker injecting the XSS payload in the User Registration section and each time the admin visits the manage user section from the admin panel, the XSS triggers and the attacker can steal the cookie v...

6.1CVSS5.3AI score0.09815EPSS
Exploits1References3
OSV
OSV
•added 2020/08/21 9:15 p.m.•6 views

CVE-2020-8234

A vulnerability exists in The EdgeMax EdgeSwitch firmware v1.9.1 where the EdgeSwitch legacy web interface SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a Command injection...

9.8CVSS7.3AI score0.0341EPSS
Exploits0References3
CNVD
CNVD
•added 2020/03/31 12:0 a.m.•3 views

XSS Vulnerability in FTDMS

FTDMS is a management system for information or resources developed using template engine caching technology. FTDMS suffers from an XSS vulnerability that can be exploited by an attacker to obtain an administrator cookie...

6.2AI score
Exploits0
CNVD
CNVD
•added 2020/03/20 12:0 a.m.•2 views

XSS Vulnerability in Extreme CMS

Extreme CMS is open source and free PHPCMS web content management system. Extreme CMS has an XSS vulnerability that can be exploited by attackers to obtain an administrator cookie...

6.4AI score
Exploits0
OSV
OSV
•added 2019/07/26 9:15 p.m.•4 views

CVE-2019-10263

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to retrieve the admin's cookie and take over the account...

6.1CVSS6.6AI score0.00826EPSS
Exploits5References1
NVD
NVD
•added 2019/07/26 9:15 p.m.•23 views

CVE-2019-10263

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to retrieve the admin's cookie and take over the account...

6.1CVSS6AI score0.00826EPSS
Exploits5References1
Prion
Prion
•added 2019/07/26 9:15 p.m.•17 views

Design/Logic Flaw

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to retrieve the admin's cookie and take over the account...

4.3CVSS6.1AI score0.00826EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
•added 2019/07/26 8:44 p.m.•24 views

CVE-2019-10263

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When creating a trial account, it is possible to inject XSS in the Alias field, allowing the attacker to retrieve the admin's cookie and take over the account...

6.2AI score0.00826EPSS
Exploits5References1
CVE
CVE
•added 2019/07/26 8:44 p.m.•419 views

CVE-2019-10263

CVE-2019-10263 affects Ahsay Cloud Backup Suite prior to 8.1.1.50. The initial description documents an XSS vulnerability in the Alias field during trial account creation that could lead to an admin cookie theft and account takeover. Multiple connected sources corroborate the Ahsay exposure and s...

6.1CVSS6.3AI score0.00826EPSS
Exploits5References1Affected Software1
Prion
Prion
•added 2019/06/13 7:29 p.m.•12 views

Design/Logic Flaw

An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted...

2.9CVSS4.2AI score0.00424EPSS
Exploits0References2Affected Software1
NVD
NVD
•added 2019/06/13 7:29 p.m.•18 views

CVE-2018-10947

An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted...

3.1CVSS4AI score0.00424EPSS
Exploits0References2
OSV
OSV
•added 2019/06/13 7:29 p.m.•6 views

CVE-2018-10947

An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted...

3.1CVSS5.8AI score0.00424EPSS
Exploits0References2
Cvelist
Cvelist
•added 2019/06/13 6:8 p.m.•19 views

CVE-2018-10947

An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted...

4AI score0.00424EPSS
Exploits0References2
Rows per page
Query Builder