Lucene search
K

104 matches found

OSV
OSV
added 2024/05/14 8:13 p.m.23 views

GHSA-XJWX-78X7-Q6JC TYPO3 vulnerable to an HTML Injection in the History Module

Problem The history backend module is vulnerable to HTML injection. Although Content-Security-Policy headers effectively prevent JavaScript execution, adversaries can still inject malicious HTML markup. Exploiting this vulnerability requires a valid backend user account. Solution Update to TYPO3...

3.5CVSS4.7AI score0.00586EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/04/26 12:0 a.m.6 views

relate 安全漏洞

RELATE is a web-based courseware package from the individual developer Andreas Klöckner. A security vulnerability exists in relate version v.2024.1, which stems from the presence of a server-side template injection SSTI vulnerability...

6CVSS7.2AI score0.00797EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2023/12/24 7:8 p.m.7 views

andreas-seier.eu Improper Access Control vulnerability OBB-3821121

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
NVD
NVD
added 2023/12/14 6:15 p.m.17 views

CVE-2023-49157

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Andreas Münch Multiple Post Passwords allows Stored XSS.This issue affects Multiple Post Passwords: from n/a through 1.1.1...

5.9CVSS0.00394EPSS
Exploits0References1
Prion
Prion
added 2023/12/14 6:15 p.m.18 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Andreas Münch Multiple Post Passwords allows Stored XSS.This issue affects Multiple Post Passwords: from n/a through 1.1.1...

4.3CVSS7AI score0.00394EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/14 5:15 p.m.64 views

CVE-2023-49157

CVE-2023-49157 affects WordPress plugin Multiple Post Passwords (by Andreas Münch). The issue is an Stored Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Affected versions are

5.9CVSS6.5AI score0.00394EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2023/11/12 4:50 p.m.7 views

andreas-stohrer.de Improper Access Control vulnerability OBB-3777951

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/11/12 4:49 p.m.9 views

andreas-diehl.de Improper Access Control vulnerability OBB-3777949

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/10/30 5:53 p.m.10 views

andreas-waschburger.de Improper Access Control vulnerability OBB-3769253

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/10/30 5:53 p.m.6 views

andreas-menz.de Improper Access Control vulnerability OBB-3769250

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/10/30 5:52 p.m.3 views

andreas-malessa.de Improper Access Control vulnerability OBB-3769246

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/10/30 5:52 p.m.5 views

andreas-hermuehlen.de Improper Access Control vulnerability OBB-3769244

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9AI score
Exploits0
NVD
NVD
added 2023/10/06 3:15 p.m.31 views

CVE-2023-41654

Cross-Site Request Forgery CSRF vulnerability in Andreas Heigl authLdap plugin = 2.5.8 versions...

8.8CVSS6.5AI score0.00204EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/06 2:36 p.m.39 views

CVE-2023-41654 WordPress authLdap Plugin <= 2.5.8 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Andreas Heigl authLdap plugin = 2.5.8 versions...

5.4CVSS9AI score0.00204EPSS
Exploits0References1
OSV
OSV
added 2023/10/06 2:36 p.m.2 views

CVE-2023-41654 WordPress authLdap Plugin <= 2.5.8 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Andreas Heigl authLdap plugin = 2.5.8 versions...

5.4CVSS5.9AI score0.00204EPSS
Exploits0References4
NVD
NVD
added 2023/09/29 2:15 p.m.24 views

CVE-2023-41655

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Andreas Heigl authLdap plugin = 2.5.9 versions...

5.9CVSS5.4AI score0.00316EPSS
Exploits0References1
CVE
CVE
added 2023/09/29 1:24 p.m.54 views

CVE-2023-41655

CVE-2023-41655 affects the WordPress plugin authLdap (by Andreas Heigl). Public records describe an Authenticated Stored Cross-Site Scripting (XSS) vulnerability exploitable by an Administrator (admin+) due to input handling in the plugin. Vulnerable versions are listed as

5.9CVSS5.1AI score0.00316EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/29 1:24 p.m.14 views

CVE-2023-41655 WordPress authLdap Plugin <= 2.5.9 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Andreas Heigl authLdap plugin = 2.5.9 versions...

5.9CVSS5.6AI score0.00316EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/29 1:24 p.m.34 views

CVE-2023-41655 WordPress authLdap Plugin <= 2.5.9 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Andreas Heigl authLdap plugin = 2.5.9 versions...

5.9CVSS5.5AI score0.00316EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2023/08/24 6:0 p.m.13 views

andreas-balkenhol.de Cross Site Scripting vulnerability OBB-3615452

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Rows per page
Query Builder