Lucene search
K

6 matches found

NVD
NVD
added 2024/08/05 5:15 p.m.21 views

CVE-2024-41376

dzzoffice 2.02.1 is vulnerable to Directory Traversal via user/space/about.php...

8.8CVSS0.00959EPSS
Exploits1References1
NVD
NVD
added 2021/10/12 6:15 p.m.17 views

CVE-2021-40292

A Stored Cross Site Sripting XSS vulnerability exists in DzzOffice 2.02.1 via the settingnew parameter...

5.4CVSS0.00499EPSS
Exploits1References1
Prion
Prion
added 2021/10/12 6:15 p.m.14 views

Cross site scripting

A Stored Cross Site Sripting XSS vulnerability exists in DzzOffice 2.02.1 via the settingnew parameter...

3.5CVSS5.4AI score0.00499EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/10/12 5:31 p.m.41 views

CVE-2021-40292

CVE-2021-40292 describes a stored cross-site scripting (XSS) vulnerability in DzzOffice 2.02.1 exploitable via the settingnew parameter. Multiple connected records confirm the issue and target version; no concrete exploitation details, impact scope, or remediation are provided in the supplied doc...

5.4CVSS5.3AI score0.00499EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/10/11 2:15 p.m.4 views

CVE-2021-40191

Dzzoffice Version 2.02.1 is affected by cross-site scripting XSS due to a lack of sanitization of input data at all upload functions in webroot/dzz/attach/Uploader.class.php and return a wrong response in content-type of output data in webroot/dzz/attach/controller.php...

5.4CVSS5.9AI score0.00487EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2021/04/23 12:0 a.m.295 views

DzzOffice 2.02.1 Cross Site Scripting

Exploit Title: XSS attack app/setting in DzzOffice-2.02.1 Author: @nu11secur1ty Testing and Debugging: @nu11secur1ty, g3ck0dr1v3r Date: 04.23.2021 Vendor: http://www.dzzoffice.com/ Link: https://github.com/zyx0814/dzzoffice CVE: CVE-2021-3318 + Exploit Source: !/usr/bin/python3 Author:...

4.3CVSS6.4AI score0.02848EPSS
Exploits4
Rows per page
Query Builder