Lucene search
K

4 matches found

exploitpack
exploitpack
added 2018/08/06 12:0 a.m.21 views

LAMS 3.1 - Cross-Site Scripting

LAMS 3.1 - Cross-Site Scripting Exploit Title: LAMS 3.1 - Cross-Site Scripting Date: 2018-08-05 Exploit Author: Nikola Kojic Website: https://ras-it.rs/ Vendor Homepage: https://www.lamsfoundation.org/ Software Link: https://www.lamsfoundation.org/downloadshome.htm Category: Web Application...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/06 12:0 a.m.43 views

LAMS < 3.1 - Cross-Site Scripting

Exploit Title: LAMS 3.1 - Cross-Site Scripting Date: 2018-08-05 Exploit Author: Nikola Kojic Website: https://ras-it.rs/ Vendor Homepage: https://www.lamsfoundation.org/ Software Link: https://www.lamsfoundation.org/downloadshome.htm Category: Web Application Platform: Java Version: = 3.1 CVE:...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2018/06/11 10:0 a.m.12 views

CVE-2018-12090

There is unauthenticated reflected cross-site scripting XSS in LAMS before 3.1 that allows a remote attacker to introduce arbitrary JavaScript via manipulation of an unsanitized GET parameter during a forgotPasswordChange.jsp?key= password change...

6.2AI score0.02244EPSS
Exploits3References2
CVE
CVE
added 2018/06/11 10:0 a.m.54 views

CVE-2018-12090

LAMS prior to 3.1 is affected by an unauthenticated reflected XSS that allows injection of arbitrary JavaScript via an unsanitized GET parameter in forgotPasswordChange.jsp?key=. This is triggered through remote access without authentication; impact is confined to script execution in the victim’s...

6.1CVSS6.2AI score0.02244EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder