Lucene search
+L

4 matches found

Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.168 views

RosarioSIS 6.7.2 - Cross Site Scripting (XSS)

Exploit Title: RosarioSIS 6.7.2 - Cross Site Scripting XSS Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://gitlab.com/francoisjacquet/rosariosis Software Link: https://gitlab.com/francoisjacquet/rosariosis Version: 6.7.2 Tested on: Windows CVE : CVE-2020-15716 Proof Of Concep...

6.1CVSS6.3AI score0.05557EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/04/16 4:1 p.m.13 views

CVE-2020-15716

RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Preferences.php script. A remote attacker could exploit this vulnerability using the tab parameter in a crafted URL...

6.1CVSS6.8AI score0.05557EPSS
Exploits2
OSV
OSV
added 2020/07/15 7:15 p.m.16 views

CVE-2020-15716

RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Preferences.php script. A remote attacker could exploit this vulnerability using the tab parameter in a crafted URL...

6.1CVSS6.7AI score0.05557EPSS
Exploits2References6
CVE
CVE
added 2020/07/15 7:0 p.m.47 views

CVE-2020-15716

RosarioSIS 6.7.2 contains a stored/reflected XSS in Preferences.php caused by improper validation of user input. An attacker can craft a URL with a manipulated tab parameter to execute injected script in a victim’s browser. The condition requires user interaction (depending on request flow) and a...

6.1CVSS6.1AI score0.05557EPSS
Exploits2References6Affected Software1
Rows per page
Query Builder