14 matches found
EUVD-2023-41084
Malicious code in bioql PyPI...
CVE-2023-37164
Diafan CMS v6.0 was discovered to contain a reflected cross-site scripting via the catid parameter at /shop/?module=shop&action=search...
CVE-2023-37164
Diafan CMS v6.0 was discovered to contain a reflected cross-site scripting via the catid parameter at /shop/?module=shop&action=search...
CVE-2023-37164
Diafan CMS v6.0 was discovered to contain a reflected cross-site scripting via the catid parameter at /shop/?module=shop&action=search...
Cross site scripting
Diafan CMS v6.0 was discovered to contain a reflected cross-site scripting via the catid parameter at /shop/?module=shop&action=search...
CVE-2023-37164
Diafan CMS v6.0 was discovered to contain a reflected cross-site scripting via the catid parameter at /shop/?module=shop&action=search...
Diafan CMS Cross-Site Scripting Vulnerability
Diafan CMS is a website builder from Diafan. It is used to create online stores. A cross-site scripting vulnerability exists in Diafan CMS v6.0, which originates from the lack of effective filtering and escaping of user-supplied data in the catid parameter of /shop/?module=shop&action=search, whi...
CVE-2023-37164
CVE-2023-37164 describes a reflected cross-site scripting vulnerability in Diafan CMS v6.0. The issue arises from insufficient filtering/escaping of user-supplied data in the cat_id parameter of the endpoint "/shop/?module=shop&action=search". This permits an attacker to inject arbitrary web scri...
PT-2023-25813 · Unknown · Diafan Cms
Name of the Vulnerable Software and Affected Versions: Diafan CMS version 6.0 Description: The issue is related to a reflected cross-site scripting vulnerability. It occurs via the cat id parameter at the "/shop/?module=shop&action=search" API endpoint. Recommendations: For Diafan CMS version 6.0...
CVE-2023-37164
Diafan CMS v6.0 was discovered to contain a reflected cross-site scripting via the catid parameter at /shop/?module=shop&action=search...
Diafan CMS 6.0 Cross Site Scripting
Exploit Title: Diafan CMS 6.0 - Reflected Cross-Site Scripting XSS Exploit Author: tmrswrr / Hulya Karabag Vendor Homepage: https://www.diafancms.com/ Version: 6.0 Tested on: https://demo.diafancms.com Description: 1 https://demo.diafancms.com/ Go to main page and write your payload in Search in...
Diafan CMS 6.0 - Reflected Cross-Site Scripting (XSS)
Exploit Title: Diafan CMS 6.0 - Reflected Cross-Site Scripting XSS Exploit Author: tmrswrr / Hulya Karabag Vendor Homepage: https://www.diafancms.com/ Version: 6.0 Tested on: https://demo.diafancms.com Description: 1 https://demo.diafancms.com/ Go to main page and write your payload in Search in...
Diafan CMS 6.0 - Reflected Cross-Site Scripting Vulnerability
Exploit Title: Diafan CMS 6.0 - Reflected Cross-Site Scripting XSS Exploit Author: tmrswrr / Hulya Karabag Vendor Homepage: https://www.diafancms.com/ Version: 6.0 Tested on: https://demo.diafancms.com Description: 1 https://demo.diafancms.com/ Go to main page and write your payload in Search in...
Diafan CMS 4.3 Cross Site Request Forgery / Cross Site Scripting
Vulnerability ID: HTB22776 Reference: http://www.htbridge.ch/advisory/storedxssvulnerabilityindiafancms.html Product: diafan.CMS Vendor: Diafan http://www.diafan.ru/ Vulnerable Version: 4.3 and probably prior versions Vendor Notification: 28 December 2010...