3 matches found
CVE-2024-30927
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the racer-results.php component...
CVE-2024-30927
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the racer-results.php component...
CVE-2024-30927
CVE-2024-30927 affects DerbyNet v9.0 and earlier, with a Cross Site Scripting vulnerability in the racer-results.php component. The issue stems from improper handling/validation of user-supplied input (notably the racerid parameter), allowing an attacker to inject arbitrary script that can be exe...