38 matches found
EUVD-2015-4071
Malware in sbrugna...
EUVD-2024-48215
Malicious code in bioql PyPI...
EUVD-2021-27823
Malicious code in bioql PyPI...
EUVD-2021-27824
Malicious code in bioql PyPI...
CVE-2024-7269
Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal Details" form in ConnX ESP HR Management allows Stored XSS attack. An attacker might inject a script to be run in user's browser. After multiple attempts to contact the vendor we did not receive any...
CVE-2021-40649
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the HttpOnly flag set...
CVE-2021-40650
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the secure flag set...
CVE-2024-7269
Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal Details" form in ConnX ESP HR Management allows Stored XSS attack. An attacker might inject a script to be run in user's browser. After multiple attempts to contact the vendor we did not receive any...
CVE-2024-7269
Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal Details" form in ConnX ESP HR Management allows Stored XSS attack. An attacker might inject a script to be run in user's browser. After multiple attempts to contact the vendor we did not receive any...
CVE-2024-7269 Stored XSS in ConnX ESP HR Management
Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal Details" form in ConnX ESP HR Management allows Stored XSS attack. An attacker might inject a script to be run in user's browser. After multiple attempts to contact the vendor we did not receive any...
CVE-2024-7269
CVE-2024-7269 pertains to ConnX ESP HR Management and is a Stored XSS vulnerability in the "Update of Personal Details" form. Affected are ESP HR Management versions prior to 6.6. The root cause is improper neutralization of input during web page generation, enabling an attacker to inject script ...
CVE-2024-7269 Stored XSS in ConnX ESP HR Management
Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal Details" form in ConnX ESP HR Management allows Stored XSS attack. An attacker might inject a script to be run in user's browser. After multiple attempts to contact the vendor we did not receive any...
ConnX ESP HR Management 安全漏洞
ConnX ESP HR Management is a human resource management system from ConnX Corporation. A security vulnerability exists in ConnX ESP HR Management versions prior to 6.6 that stems from an improper input neutralization issue, which leads to a stored cross-site scripting attack...
PT-2024-38221 · Unknown · Connx Esp Hr Management
Name of the Vulnerable Software and Affected Versions: ConnX ESP HR Management versions prior to 6.6 Description: The issue is related to an Improper Neutralization of Input During Web Page Generation vulnerability in the "Update of Personal Details" form, allowing a Stored XSS attack. An attacke...
CVE-2021-40650
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the secure flag set...
CVE-2021-40650
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the secure flag set...
CVE-2021-40649
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the HttpOnly flag set...
CVE-2021-40649
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the HttpOnly flag set...
Code injection
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the secure flag set...
Code injection
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the HttpOnly flag set...