Lucene search
K

6 matches found

Nuclei
Nuclei
added 9 hours ago93 views

Rukovoditel <= 3.2.1 - Cross Site Scripting

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting XSS vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Copyright Text field after clicking...

5.4CVSS6.3AI score0.00903EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-47879

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00903EPSS
Exploits1References2
OSV
OSV
added 2022/12/02 8:15 p.m.5 views

CVE-2022-44952

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting XSS vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Copyright Text field after clicking "Ad...

5.4CVSS5.9AI score0.00903EPSS
Exploits1References2
NVD
NVD
added 2022/12/02 8:15 p.m.23 views

CVE-2022-44952

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting XSS vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Copyright Text field after clicking "Ad...

5.4CVSS0.00903EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/12/02 12:0 a.m.4 views

Rukovoditel 跨站脚本漏洞

Rukovoditel is a set of Web-based open source project management software from the Rukovoditel team. The software has project management, customer relationship management and other functions. Rukovoditel v3.2.1 version has a security vulnerability , the vulnerability stems from the discovery via...

5.4CVSS5.8AI score0.00903EPSS
Exploits1References3
OSV
OSV
added 2021/08/26 6:15 p.m.3 views

CVE-2020-18469

Stored cross-site scripting XSS vulnerability in the Copyright Text field found in the Application page under the Configuration menu in Rukovoditel 2.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP request to...

5.4CVSS5.8AI score0.00544EPSS
Exploits1References2
Rows per page
Query Builder