Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2008-0879

Malware in sbrugna...

4.3CVSS6.4AI score0.0172EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-3124

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00278EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/10 12:0 a.m.8 views

PT-2025-4826 · Redcap · Redcap

Name of the Vulnerable Software and Affected Versions: REDCap version 14.9.6 Description: A Reflected cross-site scripting XSS vulnerability exists in the email-subject field when uploading a CSV file containing a list of alert configurations. An attacker can send a CSV file with the XSS payload ...

6.1CVSS5.5AI score0.00278EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/01/10 12:0 a.m.12 views

CVE-2025-23110

An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting XSS vulnerability in the email-subject field exists while performing an upload of a CSV file containing a list of alert configurations. An attacker can send the victim a CSV file containing the XSS payload in the...

6.1CVSS5.8AI score0.00278EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/10 12:0 a.m.17 views

CVE-2025-23110

An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting XSS vulnerability in the email-subject field exists while performing an upload of a CSV file containing a list of alert configurations. An attacker can send the victim a CSV file containing the XSS payload in the...

6.1CVSS0.00278EPSS
Exploits0References1
CVE
CVE
added 2025/01/10 12:0 a.m.65 views

CVE-2025-23110

CVE-2025-23110 affects REDCap v14.9.6. A reflected XSS vulnerability exists in the email-subject field when uploading a CSV containing alert configurations; a victim who opens the uploaded data and clicks the email-subject may trigger the payload. Affected component: email-subject handling during...

6.1CVSS5.8AI score0.00278EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/22 12:0 a.m.18 views

Mail Queue < 1.2 - Unauthenticated Stored Cross-Site Scripting

The plugin does not properly sanitize and escape user input for the email subject field. This can lead to the injection of arbitrary web scripts that execute whenever a page is accessed...

7.2CVSS7.4AI score0.00443EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2020/12/29 12:0 a.m.7 views

Opencart 跨站脚本漏洞

OpenCart is a PHP-based open source online e-commerce solution. A cross-site scripting vulnerability exists in the email Subject field in OpenCart 3.0.3.6. An attacker can exploit this vulnerability to steal cookies...

4.8CVSS5.6AI score0.0169EPSS
Exploits3References2
Rows per page
Query Builder