Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

NVD
NVDadded 2018/01/02 6:29 p.m.10 views

CVE-2017-1000457

Cross-site scripting XSS vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter. Exploitation requires authenticated reflected cross-site scripting for user accounts assigned either the "Administrators" or...

4.8CVSS4.9AI score0.00233EPSS
Exploits0References2
OSV
OSVadded 2018/01/02 6:29 p.m.11 views

CVE-2017-1000457

Cross-site scripting XSS vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter. Exploitation requires authenticated reflected cross-site scripting for user accounts assigned either the "Administrators" or...

4.8CVSS5.1AI score
Exploits0References2
Prion
Prionadded 2018/01/02 6:29 p.m.10 views

Cross site scripting

Cross-site scripting XSS vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter. Exploitation requires authenticated reflected cross-site scripting for user accounts assigned either the "Administrators" or...

3.5CVSS4.8AI score0.00233EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2018/01/02 6:0 p.m.38 views

CVE-2017-1000457

CVE-2017-1000457 describes a cross-site scripting (XSS) vulnerability in mojoPortal 2.5.0.0, exploitable via the Help.aspx page using the helpkey parameter. Exploitation requires an authenticated attacker with either the Administrators or Content Administrators role to perform a reflected XSS aga...

4.8CVSS4.8AI score0.00233EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2017/01/10 3:59 p.m.9 views

Cross site request forgery (csrf)

eClinicalWorks Population Health CCMR suffers from a cross-site request forgery CSRF vulnerability in portalUserService.jsp which allows remote attackers to hijack the authentication of content administrators for requests that could lead to the creation, modification and deletion of users,...

6.8CVSS7.5AI score0.00185EPSS
Exploits5References3
NVD
NVDadded 2017/01/10 3:59 p.m.11 views

CVE-2015-4593

eClinicalWorks Population Health CCMR suffers from a cross-site request forgery CSRF vulnerability in portalUserService.jsp which allows remote attackers to hijack the authentication of content administrators for requests that could lead to the creation, modification and deletion of users,...

8.8CVSS8.8AI score0.00185EPSS
Exploits5References3
Cvelist
Cvelistadded 2017/01/10 3:0 p.m.13 views

CVE-2015-4593

eClinicalWorks Population Health CCMR suffers from a cross-site request forgery CSRF vulnerability in portalUserService.jsp which allows remote attackers to hijack the authentication of content administrators for requests that could lead to the creation, modification and deletion of users,...

8.9AI score0.00185EPSS
Exploits5References3
Exploit DB
Exploit DBadded 2016/02/02 12:0 a.m.40 views

eClinicalWorks (CCMR) - Multiple Vulnerabilities

Title: eClinicalWorks CCMR - Multiple Vulnerabilities Vendor: https://www.eclinicalworks.com Product: eClinicalWorks Population Health CCMR Client Portal Software URL: https://www.eclinicalworks.com/products-services/population-health-ccmr/ Credit: Jerold Hoong -----------------------------------...

9.8CVSS7.4AI score0.12264EPSS
Exploits8
Prion
Prionadded 2015/06/09 2:59 p.m.9 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Test/WorkArea/DmsMenu/menuActions/MenuActions.aspx in Ektron Content Management System CMS before 9.10 SP1 Build 9.1.0.184.1.120 allows remote attackers to hijack the authentication of content administrators for requests that delete content via a...

5.8CVSS7.4AI score0.00751EPSS
Exploits5References5Affected Software1
Rows per page
Query Builder