Lucene search
+L

4 matches found

Nuclei
Nuclei
added 10 hours ago97 views

QCube Cross-Site-Scripting

A reflected cross-site scripting vulnerability in qcubed all versions including 3.1.1 in profile.php via the stQuery-parameter allows unauthenticated attackers to steal sessions of authenticated users. id: CVE-2020-24912 info: name: QCube Cross-Site-Scripting author: pikpikcu severity: medium...

6.1CVSS6.7AI score0.06289EPSS
Exploits3References5
0day.today
0day.today
added 2021/03/13 12:0 a.m.108 views

QCubed 3.1.1 Cross Site Scripting Vulnerability

QCube Cross-Site-Scripting ====================== | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24912 | | Accessibility: | Remote | | Severity: | High | | Author: | Wolfgang Hotwagner AIT Austrian Institute of Technology | SUMMAR...

9.8CVSS8AI score0.40621EPSS
Exploits6
Packet Storm
Packet Storm
added 2021/03/12 12:0 a.m.323 views

QCubed 3.1.1 Cross Site Scripting

QCube Cross-Site-Scripting ====================== | Identifier: | AIT-SA-20210215-03 | | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24912 | | Accessibility: | Remote | | Severity: | High | | Author: | Wolfgang Hotwagner AIT...

7.5CVSS8AI score0.40621EPSS
Exploits6
CVE
CVE
added 2021/03/04 12:30 p.m.123 views

CVE-2020-24912

A reflected cross-site scripting (XSS) vulnerability in QCubed, affecting all versions including 3.1.1, resides in profile.php via the stQuery- parameter. Unauthenticated attackers can steal sessions of authenticated users by exploiting this flaw. The Nuclei template and related advisories confir...

6.1CVSS5.9AI score0.06289EPSS
Exploits3References4Affected Software1
Rows per page
Query Builder