Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-14522

Malware in sbrugna...

6.6CVSS5.2AI score0.00409EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-31750

Malicious code in bioql PyPI...

6.6CVSS5.4AI score0.00313EPSS
Exploits0References1
NVD
NVD
added 2023/12/21 1:15 a.m.30 views

CVE-2023-28025

Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed a...

6.6CVSS0.00313EPSS
Exploits0References1
Prion
Prion
added 2023/12/21 1:15 a.m.17 views

Cross site scripting

Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed a...

4.3CVSS6AI score0.00313EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/21 12:32 a.m.56 views

CVE-2023-28025

CVE-2023-28025 affects HCL Technologies BigFix Mobile / Modern Client Management (including v3.1 and prior per multiple sources). The issue is a stored XSS via the ability to inject an SVG tag into HTML, resulting in an alert cookie pop-up. Root cause is improper input handling that allows SVG ma...

6.6CVSS5.1AI score0.00313EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/21 12:32 a.m.26 views

CVE-2023-28025 An HTML injection vulnerability can affect HCL BigFix Mobile / Modern Client Management

Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed a...

6.6CVSS6.3AI score0.00313EPSS
Exploits0References1
Huntr
Huntr
added 2023/04/18 8:43 p.m.16 views

Stored XSS

Description The Name field in Edit Profile page is vulnerable to Stored XSS. 1. Navigate to https://demo.azuracast.com/ and login 2. Navigate to my account page 3. Click edit profile 4. Change the user name to the below payload 5. Every page of the application will now display an alert pop up on...

4.3CVSS5.3AI score0.00504EPSS
Exploits1
NVD
NVD
added 2022/05/27 5:15 p.m.23 views

CVE-2021-27781

The Master operator may be able to embed script tag in HTML with alert pop-up display cookie...

6.6CVSS0.00409EPSS
Exploits0References1
Prion
Prion
added 2022/05/27 5:15 p.m.18 views

Code injection

The Master operator may be able to embed script tag in HTML with alert pop-up display cookie...

3.5CVSS5AI score0.00409EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2022/05/27 4:15 p.m.82 views

CVE-2021-27781

CVE-2021-27781 affects HCL Technologies BigFix Mobile/Modern Client Management (1.x and 2.0). The issue is a stored cross-site scripting vulnerability that allows embedding a script tag in HTML to trigger an alert pop-up displaying a cookie. Descriptions across multiple sources label this as a st...

6.6CVSS5.2AI score0.00409EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2022/05/27 4:15 p.m.36 views

CVE-2021-27781 HCL BigFix Mobile / Modern Client Management is vulnerable to stored cross-site scripting

The Master operator may be able to embed script tag in HTML with alert pop-up display cookie...

6.6CVSS6.5AI score0.00409EPSS
Exploits0References1
Huntr
Huntr
added 2022/02/08 7:7 a.m.11 views

Cross-site Scripting (XSS) - Reflected in effgarces/bookedscheduler

Setup the Booked Scheduler locally.URL like the following. http://192.168.5.5/phpsch/ Attcker 2. Login as valid user. 3. Make an reservation from the dashboard. 4. Open the information you reserved.URL like the following http://192.168.5.5/Web/reservation.php?rn=62020af2eee4d833634703 5. The...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/08/19 12:0 a.m.15 views

Kimai 2 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Kimai 2- persistent cross-site scripting XSS Exploit Author: osamaalaa Vendor Homepage: link Software Link: https://github.com/kevinpapst/kimai2 Fixed on Github : https://github.com/kevinpapst/kimai2/pull/962 Version: 2 1-Normal...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/19 12:0 a.m.163 views

Kimai 2 - Persistent Cross-Site Scripting

Exploit Title: Kimai 2- persistent cross-site scripting XSS Date: 07/15/2019 Exploit Author: osamaalaa Vendor Homepage: link Software Link: https://github.com/kevinpapst/kimai2 Fixed on Github : https://github.com/kevinpapst/kimai2/pull/962 Version: 2 1-Normal user will try to add timesheet from...

7AI score
Exploits0
NVD
NVD
added 2019/07/22 3:15 p.m.15 views

CVE-2019-1010235

Frog CMS 1.1 is affected by: Cross Site Scripting XSS. The impact is: Cookie stealing, Alert pop-up on page, Redirecting to another phishing site, Executing browser exploits. The component is: Snippets...

5.4CVSS5.4AI score0.00649EPSS
Exploits1References1
Prion
Prion
added 2019/07/22 3:15 p.m.13 views

Cross site scripting

Frog CMS 1.1 is affected by: Cross Site Scripting XSS. The impact is: Cookie stealing, Alert pop-up on page, Redirecting to another phishing site, Executing browser exploits. The component is: Snippets...

3.5CVSS5.4AI score0.00649EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/07/22 2:52 p.m.71 views

CVE-2019-1010235

Summary of CVE-2019-1010235 : Frog CMS 1.1 is affected by a Cross-Site Scripting (XSS) vulnerability in the Snippets component. The fault is described in CNVD-2019-23999 as a lack of proper validation of client-side data, enabling attackers to execute client-side code. Reported impacts include co...

5.4CVSS5.4AI score0.00649EPSS
Exploits1References1Affected Software1
Hacker One
Hacker One
added 2016/12/01 5:55 p.m.13 views

Slack: Store XSS

Hello Team. I found a Store XSS. Where the company name is the vulnerable to XSS. If you give this below XSS script as Company name, you will get the XSS pop up after the login in message option where it'll randomly generated at the message room. “ Here is the POC: https://youtu.be/dqrH2WhIgtk...

6AI score
Exploits0
securityvulns
securityvulns
added 2002/08/26 12:0 a.m.23 views

OmniHTTPd test.shtml Cross-Site Scripting Issue

OmniHTTPd's Test.shtml sample is also vulnerable to a similar issue: http://localhost/test.shtml?3CSCRIPT3Ealertdocument.URL3C2FSCRIPT3E=x Will pop up an alert containing the above URL. Of course, this has other uses cookie theft, faking sources, etc...

Exploits0
Rows per page
Query Builder