Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-25144

Malware in sbrugna...

8.8CVSS8.6AI score0.01029EPSS
Exploits0References3
OSV
OSV
added 2021/09/07 8:15 p.m.26 views

CVE-2021-38707

Persistent cross-site scripting XSS vulnerabilities in ClinicCases 7.3.3 allow low-privileged attackers to introduce arbitrary JavaScript to account parameters. The XSS payloads will execute in the browser of any user who views the relevant content. This can result in account takeover via session...

5.4CVSS5.6AI score0.00644EPSS
Exploits1References2
OSV
OSV
added 2021/09/07 8:15 p.m.22 views

CVE-2021-38705

ClinicCases 7.3.3 is affected by Cross-Site Request Forgery CSRF. A successful attack would consist of an authenticated user following a malicious link, resulting in arbitrary actions being carried out with the privilege level of the targeted user. This can be exploited to create a secondary...

8.8CVSS6.8AI score0.00769EPSS
Exploits1References2
NVD
NVD
added 2021/09/07 8:15 p.m.25 views

CVE-2021-38705

ClinicCases 7.3.3 is affected by Cross-Site Request Forgery CSRF. A successful attack would consist of an authenticated user following a malicious link, resulting in arbitrary actions being carried out with the privilege level of the targeted user. This can be exploited to create a secondary...

8.8CVSS0.00769EPSS
Exploits1References2
NVD
NVD
added 2021/09/07 8:15 p.m.19 views

CVE-2021-38706

messagesload.php in ClinicCases 7.3.3 suffers from a blind SQL injection vulnerability, which allows low-privileged attackers to execute arbitrary SQL commands through a vulnerable parameter...

8.8CVSS0.01029EPSS
Exploits0References2
OSV
OSV
added 2021/09/07 8:15 p.m.18 views

CVE-2021-38704

Multiple reflected cross-site scripting XSS vulnerabilities in ClinicCases 7.3.3 allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft...

6.1CVSS6.1AI score0.03521EPSS
Exploits1References2
Prion
Prion
added 2021/09/07 8:15 p.m.16 views

Cross site scripting

Multiple reflected cross-site scripting XSS vulnerabilities in ClinicCases 7.3.3 allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft...

4.3CVSS6.1AI score0.03521EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2021/09/07 8:15 p.m.11 views

Cross site request forgery (csrf)

ClinicCases 7.3.3 is affected by Cross-Site Request Forgery CSRF. A successful attack would consist of an authenticated user following a malicious link, resulting in arbitrary actions being carried out with the privilege level of the targeted user. This can be exploited to create a secondary...

6.8CVSS8.6AI score0.00769EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/09/07 7:25 p.m.27 views

CVE-2021-38705

ClinicCases 7.3.3 is affected by Cross-Site Request Forgery CSRF. A successful attack would consist of an authenticated user following a malicious link, resulting in arbitrary actions being carried out with the privilege level of the targeted user. This can be exploited to create a secondary...

8.8AI score0.00769EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/09/07 7:21 p.m.31 views

CVE-2021-38704

Multiple reflected cross-site scripting XSS vulnerabilities in ClinicCases 7.3.3 allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. This can result in account takeover via session token theft...

6.3AI score0.03521EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/09/07 7:16 p.m.27 views

CVE-2021-38707

Persistent cross-site scripting XSS vulnerabilities in ClinicCases 7.3.3 allow low-privileged attackers to introduce arbitrary JavaScript to account parameters. The XSS payloads will execute in the browser of any user who views the relevant content. This can result in account takeover via session...

5.6AI score0.00644EPSS
Exploits1References2
Rows per page
Query Builder