4 matches found
CVE-2019-8391
qdPM 9.1 suffers from Cross-site Scripting XSS via configuration?type=XSS parameter...
CVE-2019-8391
CVE-2019-8391 affects qdPM 9.1 with a Cross-site Scripting (XSS) flaw exploitable via the configuration page parameter type (type=[XSS]). The vulnerability arises from unsafely handling the type parameter, enabling script injection in web pages accessed by users. Public exploit examples exist (e....
qdPM 9.1 - type Cross-Site Scripting
qdPM 9.1 - type Cross-Site Scripting =========================================================================================== Exploit Title: qdPM 9.1 - 'type' XSS Injection CVE: CVE-2019-8391. Date: 14-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: http://qdpm.net Software Link:...
qdPM 9.1 - 'type' Cross-Site Scripting
=========================================================================================== Exploit Title: qdPM 9.1 - 'type' XSS Injection CVE: CVE-2019-8391. Date: 14-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: http://qdpm.net Software Link:...