Lucene search
K

7 matches found

NVD
NVD
added 2025/10/17 7:15 p.m.7 views

CVE-2025-56320

Enterprise Contract Management Portal v.22.4.0 is vulnerable to Stored Cross-Site Scripting XSS in its chat box component. This allows a remote attacker to execute arbitrary code. NOTE: the Supplier reports that this is "Present only in an obsolete, unsupported version no longer in circulation."...

5.4CVSS0.00394EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/10/17 12:0 a.m.1 views

CVE-2025-56320

Enterprise Contract Management Portal v.22.4.0 is vulnerable to Stored Cross-Site Scripting XSS in its chat box component. This allows a remote attacker to execute arbitrary code. NOTE: the Supplier reports that this is "Present only in an obsolete, unsupported version no longer in circulation."...

5.4CVSS6.2AI score0.00394EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/24 12:0 a.m.4 views

PT-2025-22848 · Unknown · Tmall Demo

Name of the Vulnerable Software and Affected Versions: Tmall Demo up to 20250505 Description: A vulnerability has been found in the Search Box component of Tmall Demo, allowing for cross-site scripting through remote attack. The manipulation of an unknown function leads to this issue. The vendor...

6.1CVSS4.5AI score0.00356EPSS
Exploits1References10
BDU FSTEC
BDU FSTEC
added 2022/04/05 12:0 a.m.8 views

The vulnerability of the gf_isom_oinf_read_entry function in the MP4Box component of the GPAC multimedia platform allows a hacker to gain access to confidential data.

The vulnerability of the gfisomoinfreadEntry function in the MP4Box component of the GPAC multimedia platform is related to improper memory release before deleting the last reference. Exploiting this vulnerability allows a remote attacker to gain access to confidential data through a specially...

7.1CVSS6.8AI score0.00923EPSS
Exploits1References6Affected Software3
Github Security Blog
Github Security Blog
added 2021/07/02 7:18 p.m.205 views

Cross-site scripting (XSS) from field and configuration text displayed in the Panel

On Saturday, @hdodov reported that the Panel's ListItem component used in the pages and files section for example displayed HTML in page titles as it is. This could be used for cross-site scripting XSS attacks. We used his report as an opportunity to find and fix XSS issues related to dynamic sit...

7.1CVSS0.2AI score0.00532EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2019/01/16 12:0 a.m.2 views

Oracle VM VirtualBox Access Control Error Vulnerability (CNVD-2019-27291)

Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The solution is used to unify the management of the entire hardware and software system from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the virtual...

7.8CVSS8.6AI score0.00799EPSS
Exploits2References1
OSV
OSV
added 2018/09/14 7:29 a.m.5 views

CVE-2018-17046

translate man before 2018-08-21 has XSS via containers/outputBox/outputBox.vue and store/index.js...

6.1CVSS5.8AI score0.00744EPSS
Exploits1References1
Rows per page
Query Builder