Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2018/03/28 12:0 a.m.38 views

Open-AuditIT Professional 2.1 Cross Site Scripting

Exploit Title: Open-AuditIT Professional 2.1 - Stored Cross site scripting XSS Date: 27-03-2018 Exploit Author: Nilesh Sapariya Contact: https://twitter.com/nileshloganx Website: https://nileshsapariya.blogspot.com Vendor Homepage: https://www.open-audit.org/ Version: 2.1 CVE : CVE-2018-8903...

5.6AI score0.01643EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/28 12:0 a.m.34 views

Open-AuditIT Professional 2.1 - Cross-Site Scripting

Exploit Title: Open-AuditIT Professional 2.1 - Stored Cross site scripting XSS Date: 27-03-2018 Exploit Author: Nilesh Sapariya Contact: https://twitter.com/nileshloganx Website: https://nileshsapariya.blogspot.com Vendor Homepage: https://www.open-audit.org/ Version: 2.1 CVE : CVE-2018-8903...

5.4CVSS5.5AI score0.01643EPSS
Exploits5
ATTACKERKB
ATTACKERKB
added 2018/03/22 9:29 p.m.2 views

CVE-2018-8903

Open-AudIT Professional 2.1 allows XSS via the Name or Description field on the Credentials screen...

5.4CVSS5.4AI score0.01643EPSS
Exploits5References3
CVE
CVE
added 2018/03/22 9:0 p.m.59 views

CVE-2018-8903

CVE-2018-8903 affects Open-AuditIT/Open‑Audit Professional 2.1. The vulnerability is a stored XSS via the Name or Description fields on the Credentials page, stemming from insufficient input sanitization. Public references in the connected documents confirm exploitation guidance (stored XSS PoC) ...

5.4CVSS5.2AI score0.01643EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder