97 matches found
Cross site scripting
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "limit" parameter...
Cross site scripting
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "refID" parameter...
Cross site scripting
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "valueID" parameter...
Cross site scripting
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allow remote attacker to inject javascript via URI in /index.php...
CVE-2021-27526
DynPG 4.9.2 is affected by CVE-2021-27526, a cross-site scripting (XSS) vulnerability that allows remote attackers to inject JavaScript through the "page" parameter. The connected sources confirm the affected product/version and the vulnerability type, but do not provide exploitation details or a...
CVE-2021-27526
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "page" parameter...
CVE-2021-27527
DynPG 4.9.2 is affected by an XSS vulnerability where an attacker can inject JavaScript via the valueID parameter. The issue arises from insufficient input validation in this parameter, enabling remote code execution of scripts in contexts where the vulnerable page renders user-provided input. No...
CVE-2021-27530
DynPG 4.9.2 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject JavaScript via a URI in /index.php. The connected sources (Red Hat, CNVD, CN, NVD, and others) consistently describe this XSS issue; no specific remediation version is provided in the docu...
CVE-2021-27530
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allow remote attacker to inject javascript via URI in /index.php...
CVE-2021-27528
DynPG 4.9.2 is affected by a cross-site scripting (XSS) vulnerability exploitable via the refID parameter. The issue permits remote attackers to inject JavaScript into victims’ sessions, with impact described as browser-level compromise for affected users. CVSS metrics included in the record show...
CVE-2021-27531
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "query" parameter...
CVE-2021-27531
CVE-2021-27531 describes a cross-site scripting (XSS) vulnerability in DynPG 4.9.2 where an attacker can inject JavaScript via the URL-parameter "query". The issue is documented in multiple sources (NVD and vendor trackers) as a DynPG XSS vulnerability affecting version 4.9.2, with impact describ...
CVE-2021-27529
A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "limit" parameter...
CVE-2021-27529
CVE-2021-27529 is a documented cross-site scripting (XSS) vulnerability in DynPG version 4.9.2 that allows remote attackers to inject JavaScript via the "limit" parameter. Affected software: DynPG 4.9.2. Root cause and precise impact details beyond the described JavaScript injection via the limit...
Dynpg组织 Dynpg 跨站脚本漏洞
DynPG is a free open source software for managing web content and modules while focusing on business process automation. A cross-site scripting vulnerability exists in DynPG 4.9.2. A remote attacker can exploit this vulnerability by injecting JavaScript via the "refID" parameter...
Dynpg组织 Dynpg 跨站脚本漏洞
DynPG is a free open source software for managing web content and modules while focusing on business process automation. A cross-site scripting vulnerability exists in DynPG 4.9.2. A remote attacker can exploit this vulnerability by injecting JavaScript via the "limit" parameter...
Dynpg组织 Dynpg 跨站脚本漏洞
DynPG is a free open source software for managing web content and modules while focusing on business process automation. A cross-site scripting vulnerability exists in DynPG 4.9.2. A remote attacker can exploit this vulnerability by injecting JavaScript via the "valueID" parameter...
Dynpg组织 Dynpg 跨站脚本漏洞
DynPG is a free open source software for managing web content and modules while focusing on business process automation. A cross-site scripting vulnerability exists in DynPG 4.9.2. A remote attacker can exploit this vulnerability to inject JavaScript via a URI in /index.php...
Dynpg组织 Dynpg 跨站脚本漏洞
DynPG is a free open source software for managing web content and modules while focusing on business process automation. A cross-site scripting vulnerability exists in DynPG 4.9.2. A remote attacker can exploit this vulnerability by injecting JavaScript via the "query" parameter...
DynPG 4.9.1 Cross Site Scripting
Exploit Title: DynPG 4.9.1 - Persistent Cross-Site Scripting Authenticated Date: 2020-10-09 Exploit Author: Enes Özeser Vendor Homepage: https://dynpg.org/ Version: 4.9.1 Tested on: Windows & XAMPP == Tutorial alert"XSS"; == HTTP Request alert"XSS";...