Lucene search
K

6 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/28 10:58 p.m.5 views

Malicious code in @kp-admin/main (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e5dc03ae8edb86b5c5bd3968c80bda004a2d31b59095717c3ca8d4f6c1a9a553 The OpenSSF Package Analysis project identified '@kp-admin/main' @ 20.0.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2023/09/28 12:0 a.m.7 views

RiteCMS Cross-Site Scripting Vulnerability

RiteCMS is a website CMS. A cross-site scripting vulnerability exists in RiteCMS version 3.0. An attacker can exploit this vulnerability to execute arbitrary code in the Main Menu Items of the Administration Menu via a specially crafted payload...

5.4CVSS6.8AI score0.00488EPSS
Exploits1References2
OSV
OSV
added 2022/05/17 5:7 a.m.2 views

GHSA-4GFX-P2J4-W2VH Alkacon OpenCMS XSS via title and requestedResource parameters

Multiple cross-site scripting XSS vulnerabilities in Alkacon OpenCms before 8.5.2 allow remote attackers to inject arbitrary web script or HTML via the 1 title parameter to system/workplace/views/admin/admin-main.jsp or the 2 requestedResource parameter to system/login/index.html...

5.3CVSS6AI score0.01878EPSS
Exploits3References5
OSV
OSV
added 2021/12/14 4:15 p.m.7 views

CVE-2021-39315

The Magic Post Voice WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the ids parameter found in the /inc/admin/main.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2...

6.1CVSS6.4AI score0.00757EPSS
Exploits0References2
CNVD
CNVD
added 2018/10/29 12:0 a.m.2 views

SEMCMS cross-site scripting vulnerability (CNVD-2019-01719)

SEMCMS is a foreign trade web content management system CMS that supports multiple languages. A cross-site scripting vulnerability exists in SEMCMS version 3.4, which can be exploited by a remote attacker to inject arbitrary Web script or HTML into the copyright text box of the admin/SEMCMSMain.p...

4.8CVSS4.9AI score0.00534EPSS
Exploits1References1
Prion
Prion
added 2014/03/14 2:55 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Brother MFC-9970CDW printer with firmware G 1.03 and L 1.10 allows remote attackers to inject arbitrary web script or HTML via an arbitrary parameter name QUERYSTRING to admin/adminmain.html, a different vulnerability than CVE-2013-2507 and...

4.3CVSS6AI score0.02018EPSS
Exploits4References6Affected Software1
Rows per page
Query Builder