Lucene search
+L

28 matches found

Prion
Prion
added 2022/10/28 5:15 p.m.11 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in the Global Variables feature /index.php?module=globalvars/vars of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Value parameter after clicking "Create"...

4.9CVSS5.1AI score0.00874EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/12/31 3:29 p.m.15 views

CVE-2018-19904

Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page "body" field...

6.1CVSS6AI score0.00865EPSS
Exploits1References1
Prion
Prion
added 2018/12/31 3:29 p.m.12 views

Cross site scripting

Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page title field...

4.3CVSS6AI score0.00707EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2018/12/31 3:0 p.m.5 views

CVE-2018-19904

Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page "body" field...

6.1AI score0.00865EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/12/31 3:0 p.m.16 views

CVE-2018-19903

Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page title field...

6AI score0.00707EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/12/31 3:0 p.m.18 views

CVE-2018-19904

Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page "body" field...

6AI score0.00865EPSS
Exploits1References1
CVE
CVE
added 2018/12/31 3:0 p.m.40 views

CVE-2018-19904

CVE-2018-19904 corresponds to a Persistent XSS in XSLT CMS, exploitable via the create/?action=items.edit&type=Page endpoint in the body field. The vulnerability is documented across multiple sources (NVD entry and related advisories) and is described as XSS affecting the body field, with PoC ind...

6.1CVSS5.9AI score0.00865EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2012/02/18 12:55 a.m.25 views

CVE-2012-1198

baseagmain.php in Basic Analysis and Security Engine BASE 1.4.5 allows remote attackers to execute arbitrary code by uploading contents of the file with an executable extension via a create action, then accessing it via a view action...

7.5CVSS6.2AI score0.05263EPSS
Exploits1References1
Rows per page
Query Builder