Lucene search
K

15493 matches found

NVD
NVD
added 2023/03/06 12:15 p.m.18 views

CVE-2022-2178

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saysis Computer Starcities allows Cross-Site Scripting XSS. This issue affects Starcities: before 1.1...

6.1CVSS6.1AI score0.00372EPSS
Exploits0References2
Prion
Prion
added 2023/03/06 12:15 p.m.16 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Saysis Computer Starcities allows Cross-Site Scripting XSS.This issue affects Starcities: before 1.1...

5.8CVSS6.1AI score0.00372EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/03/06 11:43 a.m.58 views

CVE-2022-2178

CVE-2022-2178 corresponds to a cross-site scripting (XSS) flaw in Saysis Computer Starcities prior to version 1.1, arising from improper neutralization of input during web page generation. The vulnerability could allow injection of malicious scripts when rendering pages. Affected product/version:...

6.1CVSS6.4AI score0.00372EPSS
Exploits0References2Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/03/06 12:35 a.m.2 views

Malicious code in owa-sprite (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6438db9d4289d3d8728e6308442f731128ad1d364e2d0cf6d58261f7ca7db98a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/03/06 12:35 a.m.11 views

MAL-2023-663 Malicious code in owa-theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a60a11fa8007678688a3a358a3af447fc85b65c2358d8799dcc1916f7504c7a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2023/03/06 12:35 a.m.5 views

MAL-2023-664 Malicious code in owa-trace (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2730f76c4a2f75133740b824ee87e42529cefc04f9dc35ec99403ffc56fde0f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2023/03/06 12:5 a.m.8 views

MAL-2023-523 Malicious code in ing-feat-chat-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 835a1fb10ee1658d2e09e94628e45218fe3918071de4d8ab99ac557a92de67b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/06 12:0 a.m.6 views

PT-2023-12670 · Saysis Computer · Starcities

Name of the Vulnerable Software and Affected Versions: Starcities versions prior to 1.1 Description: The issue affects Saysis Computer Starcities, allowing Cross-Site Scripting XSS due to improper neutralization of input during web page generation. This enables an attacker to inject malicious...

6.1CVSS6.2AI score0.00372EPSS
Exploits0References4
NVD
NVD
added 2023/03/05 10:15 a.m.33 views

CVE-2023-1179

A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add Supplier Handler. The manipulation of the argument companyname/province/city/phonenumber leads to cross site...

5.4CVSS4.2AI score0.00592EPSS
Exploits1References3
OSV
OSV
added 2023/03/05 10:15 a.m.4 views

CVE-2023-1179

A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add Supplier Handler. The manipulation of the argument companyname/province/city/phonenumber leads to cross site...

5.4CVSS4AI score0.00592EPSS
Exploits1References3
CVE
CVE
added 2023/03/05 9:48 a.m.57 views

CVE-2023-1179

CVE-2023-1179 affects SourceCodester Computer Parts Sales and Inventory System 1.0. The vulnerability exists in the Add Supplier Handler where manipulating the arguments company_name, province, city, or phone_number can lead to cross-site scripting. Exploitation is possible remotely and, per sour...

5.4CVSS4.4AI score0.00592EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2023/03/05 12:0 a.m.4 views

Computer Parts Sales and Inventory System 跨站脚本漏洞

Computer Parts Sales and Inventory System is a computer parts sales and inventory system by Warren Daloyan, an individual developer. A cross-site scripting vulnerability exists in SourceCodester Computer Parts Sales and Inventory System version 1.0, which stems from the fact that manipulation of...

5.4CVSS4.1AI score0.00592EPSS
Exploits1References4
CVE
CVE
added 2023/03/01 7:36 p.m.56 views

CVE-2023-1131

CVE-2023-1131 affects the SourceCodester Computer Parts Sales and Inventory System 1.0. The vulnerability is a cross-site scripting flaw in the file customer.php , triggered by manipulating the arguments FIRST_NAME/LAST_NAME/PHONE_NUMBER . It can be exploited remotely, and the exploit has been di...

6.1CVSS4.9AI score0.00601EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/03/01 7:34 p.m.26 views

CVE-2023-1130 SourceCodester Computer Parts Sales and Inventory System processlogin sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. This affects an unknown part of the file processlogin. The manipulation of the argument user leads to sql injection. It is possible to initiate the attack remotely. The...

6.5CVSS10AI score0.00669EPSS
Exploits0References3
CVE
CVE
added 2023/03/01 7:34 p.m.60 views

CVE-2023-1130

CVE-2023-1130 affects SourceCodester Computer Parts Sales and Inventory System 1.0, specifically the vulnerable part within the file processlogin . The root cause is improper handling of the user parameter, enabling SQL injection . This can be exploited remotely and, according to the sources, the...

9.8CVSS8.3AI score0.00669EPSS
Exploits0References3Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/03/01 5:46 a.m.3 views

Malicious code in hardhat-web3-utility (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b492c5ccdb582dd43eb84cd6e87f55f91de39f0367ce38fa7426091cbccb908f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/03/01 5:46 a.m.6 views

MAL-2023-492 Malicious code in hardhat-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9ecd6650e933188001d304f60e4bdc5a7820065595396fe796ba8d86eb3bda7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2023/03/01 5:46 a.m.6 views

MAL-2023-494 Malicious code in hardhat-web3-utility (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b492c5ccdb582dd43eb84cd6e87f55f91de39f0367ce38fa7426091cbccb908f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2023/03/01 5:46 a.m.10 views

MAL-2023-493 Malicious code in hardhat-web3-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 736287dd58e487359e35a7c53653af7140c45ca2919d533e02fb45b58e898dbc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2023/03/01 5:46 a.m.7 views

MAL-2023-491 Malicious code in hardhat-manage (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c715606ed1f31065a073bcd5c09d01c86c31360cb2c2f583f93d5896dc06f188 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder