Lucene search
K

97 matches found

Prion
Prion
added 2021/03/23 2:15 p.m.14 views

Cross site scripting

A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "limit" parameter...

3.5CVSS4.9AI score0.00786EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/03/23 2:15 p.m.12 views

Cross site scripting

A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "refID" parameter...

3.5CVSS4.9AI score0.00786EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/03/23 2:15 p.m.16 views

Cross site scripting

A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "valueID" parameter...

3.5CVSS4.9AI score0.00786EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/03/23 2:15 p.m.18 views

Cross site scripting

A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allow remote attacker to inject javascript via URI in /index.php...

3.5CVSS4.9AI score0.00786EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/03/23 1:21 p.m.44 views

CVE-2021-27526

DynPG 4.9.2 is affected by CVE-2021-27526, a cross-site scripting (XSS) vulnerability that allows remote attackers to inject JavaScript through the "page" parameter. The connected sources confirm the affected product/version and the vulnerability type, but do not provide exploitation details or a...

4.8CVSS4.9AI score0.00786EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/03/23 1:21 p.m.18 views

CVE-2021-27526

A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "page" parameter...

5.2AI score0.00786EPSS
Exploits1References1
CVE
CVE
added 2021/03/23 1:20 p.m.37 views

CVE-2021-27527

DynPG 4.9.2 is affected by an XSS vulnerability where an attacker can inject JavaScript via the valueID parameter. The issue arises from insufficient input validation in this parameter, enabling remote code execution of scripts in contexts where the vulnerable page renders user-provided input. No...

4.8CVSS4.9AI score0.00786EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/03/23 1:19 p.m.43 views

CVE-2021-27530

DynPG 4.9.2 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject JavaScript via a URI in /index.php. The connected sources (Red Hat, CNVD, CN, NVD, and others) consistently describe this XSS issue; no specific remediation version is provided in the docu...

4.8CVSS4.9AI score0.00786EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/03/23 1:19 p.m.13 views

CVE-2021-27530

A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allow remote attacker to inject javascript via URI in /index.php...

5.2AI score0.00786EPSS
Exploits1References1
CVE
CVE
added 2021/03/23 1:18 p.m.42 views

CVE-2021-27528

DynPG 4.9.2 is affected by a cross-site scripting (XSS) vulnerability exploitable via the refID parameter. The issue permits remote attackers to inject JavaScript into victims’ sessions, with impact described as browser-level compromise for affected users. CVSS metrics included in the record show...

4.8CVSS4.9AI score0.00786EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/03/23 1:16 p.m.13 views

CVE-2021-27531

A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "query" parameter...

5.2AI score0.0083EPSS
Exploits1References1
CVE
CVE
added 2021/03/23 1:16 p.m.49 views

CVE-2021-27531

CVE-2021-27531 describes a cross-site scripting (XSS) vulnerability in DynPG 4.9.2 where an attacker can inject JavaScript via the URL-parameter "query". The issue is documented in multiple sources (NVD and vendor trackers) as a DynPG XSS vulnerability affecting version 4.9.2, with impact describ...

4.8CVSS4.9AI score0.0083EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/03/23 1:15 p.m.14 views

CVE-2021-27529

A cross-site scripting XSS vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "limit" parameter...

5.2AI score0.00786EPSS
Exploits1References1
CVE
CVE
added 2021/03/23 1:15 p.m.43 views

CVE-2021-27529

CVE-2021-27529 is a documented cross-site scripting (XSS) vulnerability in DynPG version 4.9.2 that allows remote attackers to inject JavaScript via the "limit" parameter. Affected software: DynPG 4.9.2. Root cause and precise impact details beyond the described JavaScript injection via the limit...

4.8CVSS4.9AI score0.00786EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/03/23 12:0 a.m.6 views

Dynpg组织 Dynpg 跨站脚本漏洞

DynPG is a free open source software for managing web content and modules while focusing on business process automation. A cross-site scripting vulnerability exists in DynPG 4.9.2. A remote attacker can exploit this vulnerability by injecting JavaScript via the "refID" parameter...

4.8CVSS5.3AI score0.00786EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/03/23 12:0 a.m.6 views

Dynpg组织 Dynpg 跨站脚本漏洞

DynPG is a free open source software for managing web content and modules while focusing on business process automation. A cross-site scripting vulnerability exists in DynPG 4.9.2. A remote attacker can exploit this vulnerability by injecting JavaScript via the "limit" parameter...

4.8CVSS5.3AI score0.00786EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/03/23 12:0 a.m.6 views

Dynpg组织 Dynpg 跨站脚本漏洞

DynPG is a free open source software for managing web content and modules while focusing on business process automation. A cross-site scripting vulnerability exists in DynPG 4.9.2. A remote attacker can exploit this vulnerability by injecting JavaScript via the "valueID" parameter...

4.8CVSS5.3AI score0.00786EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/03/23 12:0 a.m.5 views

Dynpg组织 Dynpg 跨站脚本漏洞

DynPG is a free open source software for managing web content and modules while focusing on business process automation. A cross-site scripting vulnerability exists in DynPG 4.9.2. A remote attacker can exploit this vulnerability to inject JavaScript via a URI in /index.php...

4.8CVSS5.3AI score0.00786EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/03/23 12:0 a.m.6 views

Dynpg组织 Dynpg 跨站脚本漏洞

DynPG is a free open source software for managing web content and modules while focusing on business process automation. A cross-site scripting vulnerability exists in DynPG 4.9.2. A remote attacker can exploit this vulnerability by injecting JavaScript via the "query" parameter...

4.8CVSS5.3AI score0.0083EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2020/10/12 12:0 a.m.353 views

DynPG 4.9.1 Cross Site Scripting

Exploit Title: DynPG 4.9.1 - Persistent Cross-Site Scripting Authenticated Date: 2020-10-09 Exploit Author: Enes Özeser Vendor Homepage: https://dynpg.org/ Version: 4.9.1 Tested on: Windows & XAMPP == Tutorial alert"XSS"; == HTTP Request alert"XSS";...

7.4AI score
Exploits0
Rows per page
Query Builder