Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/05/22 3:24 p.m.9 views

CVE-2026-9245

Improper input validation in the external authentication provider flow in Devolutions Server allows an unauthenticated remote attacker to redirect victims to an attacker-controlled domain via a crafted login link. This issue affects : Devolutions Server 2026.1.6.0 through 2026.1.16.0 Devolutions...

5.8AI score0.00169EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.14 views

PT-2026-42791

Improper input validation in the external authentication provider flow in Devolutions Server allows an unauthenticated remote attacker to redirect victims to an attacker-controlled domain via a crafted login link. This issue affects : Devolutions Server 2026.1.6.0 through 2026.1.16.0 Devolutions...

5.8AI score0.00169EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/05/04 12:0 a.m.3 views

nopCommerce 输入验证错误漏洞

nopCommerce is an open source general purpose e-commerce platform. A security vulnerability exists in nopCommerce version 4.50.1, which originates from an open redirection vulnerability triggered by clicking a specially crafted link to authenticate against a nopCommerc page...

6.1CVSS6.3AI score0.00678EPSS
Exploits1References3
OSV
OSV
added 2018/08/21 4:29 p.m.4 views

CVE-2018-15528

Reflected Cross-Site Scripting exists in the Java System Solutions SSO plugin 4.0.13.1 for BMC MyIT. A remote attacker can abuse this issue to inject client-side scripts into the "selectsso" function. The payload is triggered when the victim opens a prepared /ux/jss-sso/arslogin?XSS link and then...

6.1CVSS5.8AI score0.01315EPSS
Exploits3References2
Rows per page
Query Builder