Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-13700

Malware in sbrugna...

6.1CVSS6.3AI score0.01101EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-49905

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00617EPSS
Exploits2References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-41426

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.0042EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 9:51 p.m.9 views

CVE-2022-47130

A Cross-Site Request Forgery CSRF in Academy LMS before v5.10 allows a discount coupon to be arbitrarily created if an attacker with administrative privileges interacts on the CSRF page...

4.3CVSS7.1AI score0.00617EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:29 a.m.8 views

CVE-2024-45300

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, a race condition allows the user to bypass the limit on the number of promo codes and use the discount coupon multiple times. In "alf.io", an event organizer can apply...

7.5CVSS7AI score0.0042EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/06 1:2 p.m.15 views

CVE-2024-45300 Bypassing promo code limitations with race conditions

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, a race condition allows the user to bypass the limit on the number of promo codes and use the discount coupon multiple times. In "alf.io", an event organizer can apply...

7.5CVSS7AI score0.0042EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/09/06 12:0 a.m.5 views

alf.io 安全漏洞

Alf.io is a free and open source event attendance management system open-sourced by Alf.io. A security vulnerability exists in versions of alf.io prior to 2.0-M5, which stems from a race condition that could allow a user to bypass the quantity limit of a promotional code and use a discount coupon...

7.5CVSS6.8AI score0.0042EPSS
Exploits1References3
Prion
Prion
added 2023/02/03 1:15 a.m.15 views

Cross site request forgery (csrf)

A Cross-Site Request Forgery CSRF in Academy LMS before v5.10 allows a discount coupon to be arbitrarily created if an attacker with administrative privileges interacts on the CSRF page...

4.3CVSS4.8AI score0.00617EPSS
Exploits2References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/03 12:0 a.m.11 views

CVE-2022-47130

A Cross-Site Request Forgery CSRF in Academy LMS before v5.10 allows a discount coupon to be arbitrarily created if an attacker with administrative privileges interacts on the CSRF page...

7.3AI score0.00617EPSS
Exploits2References3
Cvelist
Cvelist
added 2023/02/03 12:0 a.m.31 views

CVE-2022-47130

A Cross-Site Request Forgery CSRF in Academy LMS before v5.10 allows a discount coupon to be arbitrarily created if an attacker with administrative privileges interacts on the CSRF page...

5AI score0.00617EPSS
Exploits2References3
CNVD
CNVD
added 2021/02/09 12:0 a.m.5 views

nopCommerce Cross-Site Scripting Vulnerability (CNVD-2021-14161)

nopCommerce is an open source e-commerce shopping cart software. A reflective cross-site scripting vulnerability exists in the Discount Coupon component in nopCommerce 4.30. An attacker can exploit this vulnerability to inject arbitrary web script or HTML via the...

6.1CVSS5.8AI score0.01101EPSS
Exploits1References1
OSV
OSV
added 2021/02/08 10:15 p.m.9 views

CVE-2021-26916

In nopCommerce 4.30, a Reflected XSS issue in the Discount Coupon component allows remote attackers to inject arbitrary web script or HTML through the Filters/CheckDiscountCouponAttribute.cs discountcode parameter...

6.1CVSS5.9AI score
Exploits0References1
Cvelist
Cvelist
added 2021/02/08 9:22 p.m.14 views

CVE-2021-26916

In nopCommerce 4.30, a Reflected XSS issue in the Discount Coupon component allows remote attackers to inject arbitrary web script or HTML through the Filters/CheckDiscountCouponAttribute.cs discountcode parameter...

6.1AI score0.01101EPSS
Exploits1References1
CVE
CVE
added 2021/02/08 9:22 p.m.61 views

CVE-2021-26916

CVE-2021-26916 in nopCommerce 4.30 is a reflected cross-site scripting vulnerability in the Discount Coupon component. The flaw allows an attacker to inject arbitrary web script or HTML via the DiscountCode parameter located in Filters/CheckDiscountCouponAttribute.cs. The description across multi...

6.1CVSS5.9AI score0.01101EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/02/08 12:0 a.m.7 views

nopCommerce 跨站脚本漏洞

nopCommerce is an open source e-commerce shopping cart software. A reflective cross-site scripting vulnerability exists in the Discount Coupon component in nopCommerce 4.30. An attacker can exploit this vulnerability to inject arbitrary web script or HTML via the...

6.1CVSS6.3AI score0.01101EPSS
Exploits1References2
xssed
xssed
added 2008/01/03 12:0 a.m.8 views

Unfixed XSS vulnerability at www.24designs.net

Security researcher s0m3nak3dguy, has submitted on 01/03/2008 a cross-site-scripting XSS vulnerability affecting www.24designs.net, which at the time of submission ranked 5140669 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/03/2008. It is...

6.6AI score
Exploits0References1
Rows per page
Query Builder