23 matches found
CVE-2026-1959
Stored Cross-Site Scripting XSS vulnerability in Loggro Pymes, via the 'descripción' parameter in the '/loggrodemo/jbrain/MaestraCuentasBancarias' endpoint...
CVE-2026-1959 Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes
Stored Cross-Site Scripting XSS vulnerability in Loggro Pymes, via the 'descripción' parameter in the '/loggrodemo/jbrain/MaestraCuentasBancarias' endpoint...
CVE-2026-1959
Stored Cross-Site Scripting (XSS) vulnerability in Loggro Pymes, exploitable via the 'descripción' parameter in the '/loggrodemo/jbrain/MaestraCuentasBancarias' endpoint. The CVE entry indicates a MEDIUM impact (CVSS 4.0: base score 5.1; UI:A; AV:N; AC:L; PR:N; VI/DI/AI: NONE/LOW/NONE). Connected...
CVE-2026-1959
Stored Cross-Site Scripting XSS vulnerability in Loggro Pymes, via the 'descripción' parameter in the '/loggrodemo/jbrain/MaestraCuentasBancarias' endpoint...
CVE-2025-41349
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
CVE-2025-41350
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
EUVD-2025-197977
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
EUVD-2025-197975
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
CVE-2025-41350
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
CVE-2025-41350
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
CVE-2025-41349
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
CVE-2025-41349
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
CVE-2025-41350 Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
CVE-2025-41350 Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
CVE-2025-41350
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in...
CVE-2025-41349 Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
CVE-2025-41349 Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
CVE-2025-41349
Stored Cross-site Scripting XSSvylnerability type in WinPlus v24.11.27 byInformática del Este that consist of an stored XSS of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'descripcion' parameter in '/WinplusPortal/ws/sWinplus...
CVE-2025-41349
CVE-2025-41349 affects WinPlus v24.11.27 by Informática del Este. A Stored XSS flaw arises from insufficient validation of the descripcion parameter sent via POST to the API endpoint /WinplusPortal/ws/sWinplus.svc/json/savesolpla_post, exploitable by a remote attacker against an authenticated use...
PT-2025-47300
Name of the Vulnerable Software and Affected Versions WinPlus version 24.11.27 Description A stored Cross-site Scripting XSS issue exists in WinPlus version 24.11.27 due to insufficient validation of user-supplied data. This allows a remote attacker to send a malicious query to an authenticated...