CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

19 matches found

RedhatCVE•added 2025/05/23 9:37 a.m.•5 views

CVE-2024-24396

Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the search bar component...

6.1CVSS7.2AI score0.01776EPSS

Exploits1References1

OSV•added 2024/02/06 12:30 a.m.•14 views

GHSA-GFQF-9W98-7JMX Stimulsoft Dashboard.JS directory traversal vulnerability

Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.3 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function...

9.1CVSS9.6AI score0.30505EPSS

Exploits1References5

Github Security Blog•added 2024/02/06 12:30 a.m.•18 views

Stimulsoft Dashboard.JS directory traversal vulnerability

Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.3 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function...

9.8CVSS8AI score0.30505EPSS

Exploits1References5Affected Software1

OSV•added 2024/02/06 12:15 a.m.•1 views

CVE-2024-24398

Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function...

9.8CVSS6.1AI score0.30505EPSS

Exploits1References3

Cvelist•added 2024/02/06 12:0 a.m.•13 views

CVE-2024-24398

Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function...

9.8AI score0.30505EPSS

Exploits1References3

Vulnrichment•added 2024/02/06 12:0 a.m.•5 views

CVE-2024-24398

Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function...

9.6AI score0.30505EPSS

Exploits1References3

CVE•added 2024/02/06 12:0 a.m.•43 views

CVE-2024-24398

Stimulsoft Dashboard.JS contains a Directory Traversal vulnerability in the Save function’s fileName parameter, enabling remote arbitrary code execution. Affected versions include before 2024.1.2 (and variants noted in multiple advisories, e.g., before 2024.1.2/1.2 and before 2024.1.3 in separate...

9.8CVSS9.5AI score0.30505EPSS

Exploits1References3Affected Software1

OSV•added 2024/02/05 9:30 p.m.•15 views

GHSA-9M6M-C64R-W4F4 Stimulsoft Dashboard.JS Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the search bar component...

6.1CVSS6.3AI score0.01776EPSS

Exploits1References5

NVD•added 2024/02/05 7:15 p.m.•18 views

CVE-2024-24396

Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the search bar component...

6.1CVSS6.3AI score0.01776EPSS

Exploits1References3

Github Security Blog•added 2024/02/05 6:31 p.m.•21 views

Stimulsoft Dashboard.JS Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field...

5.4CVSS7.2AI score0.01221EPSS

Exploits1References5Affected Software1

OSV•added 2024/02/05 4:15 p.m.•4 views

CVE-2024-24397

Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field...

5.4CVSS5.7AI score0.01221EPSS

Exploits1References3

Positive Technologies•added 2024/02/05 12:0 a.m.•2 views

PT-2024-20382 · Stimulsoft · Stimulsoft Dashboard.Js

Name of the Vulnerable Software and Affected Versions: Stimulsoft Dashboard.JS versions prior to 2024.1.2 Description: The issue allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field. This enables the attacker to perform Cross Site Scripting attacks...

5.4CVSS5.7AI score0.01221EPSS

Exploits1References10

CVE•added 2024/02/05 12:0 a.m.•32 views

CVE-2024-24396

Stimulsoft Dashboard.JS (Stimulsoft GmbH)

6.1CVSS6.3AI score0.01776EPSS

Exploits1References3Affected Software1

CVE•added 2024/02/05 12:0 a.m.•45 views

CVE-2024-24397

Summary : CVE-2024-24397 affects Stimulsoft Dashboard.JS prior to 2024.1.2. The vulnerability is a Cross Site Scripting (XSS) flaw due to improper sanitization of the ReportName field, enabling a remote attacker to execute arbitrary code via a crafted payload. The commonly cited impact is client-...

5.4CVSS5.7AI score0.01221EPSS

Exploits1References3Affected Software1

CNNVD•added 2024/02/05 12:0 a.m.•2 views

Stimulsoft GmbH Stimulsoft Dashboard.JS security vulnerability

Stimulsoft GmbH Stimulsoft Dashboard.JS is a powerful dashboard development tool from Stimulsoft. A security vulnerability exists in Stimulsoft GmbH Stimulsoft Dashboard.JS versions prior to v.2024.1.2. An attacker can exploit this vulnerability to execute arbitrary code via a specially crafted...

9.8CVSS7.6AI score0.30505EPSS

Exploits1References2

CNNVD•added 2024/02/05 12:0 a.m.•2 views

Stimulsoft GmbH Stimulsoft Dashboard.JS security vulnerability

Stimulsoft GmbH Stimulsoft Dashboard.JS is a powerful dashboard development tool from Stimulsoft. A security vulnerability exists in Stimulsoft GmbH Stimulsoft Dashboard.JS versions prior to v.2024.1.2. A remote attacker can exploit this vulnerability to execute arbitrary code via a specially...

5.4CVSS7.7AI score0.01221EPSS

Exploits1References4

CNNVD•added 2024/02/05 12:0 a.m.•1 views

Stimulsoft GmbH Stimulsoft Dashboard.JS security vulnerability

Stimulsoft GmbH Stimulsoft Dashboard.JS is a powerful dashboard development tool from Stimulsoft. A security vulnerability exists in Stimulsoft GmbH Stimulsoft Dashboard.JS versions prior to v.2024.1.2. A remote attacker can exploit this vulnerability to execute arbitrary code via a specially...

6.1CVSS7.7AI score0.01776EPSS

Exploits1References4

Veracode•added 2023/01/05 4:38 a.m.•52 views

Cross-site Scripting (XSS)

graphite-web is vulnerable to cross-site scripting. The vulnerability exists because the updateTimeRange function of dashboard.js does not properly escape the Absolute Time Range values before being rendered, allowing an attacker to inject and execute malicious JavaScript...

5.4CVSS5.4AI score0.00433EPSS

Exploits1References5Affected Software2

Veracode•added 2023/01/05 3:29 a.m.•52 views

Cross-site Scripting (XSS)

graphite-web is vulnerable to cross-site scripting. The vulnerability exists because the updateTimeRange function of dashboard.js does not properly escape the Relative Time Range values before being rendered, allowing an attacker to inject and execute malicious javascript...

5.4CVSS5.4AI score0.00429EPSS

Exploits1References5Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by