Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-13039

Malware in sbrugna...

6.1CVSS6.2AI score0.05273EPSS
Exploits4References4
0day.today
0day.today
added 2019/05/09 12:0 a.m.235 views

Zoho ManageEngine ADSelfService Plus 5.7 < 5702 build - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications + Zoho ManageEngine ADSelfService Plus 5.7 &searchType=contains&searchBy=ALLFIELDS&actionId=Search HTTP/1.1 &adscsrf= 4- Stored XSS in self-...

4.3CVSS0.1AI score0.05273EPSS
Exploits4
OSV
OSV
added 2019/03/25 7:29 p.m.3 views

CVE-2018-12652

A Reflected Cross Site Scripting XSS Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter...

6.1CVSS5.8AI score0.0086EPSS
Exploits1References2
NVD
NVD
added 2018/12/26 6:29 p.m.20 views

CVE-2018-20485

Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the employee search feature...

6.1CVSS6AI score0.05273EPSS
Exploits4References2
Prion
Prion
added 2018/12/26 6:29 p.m.22 views

Design/Logic Flaw

Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the employee search feature...

4.3CVSS5.9AI score0.05273EPSS
Exploits4References2Affected Software1
OSV
OSV
added 2018/12/26 6:29 p.m.3 views

CVE-2018-20485

Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the employee search feature...

6.1CVSS5.8AI score0.05273EPSS
Exploits4References2
CVE
CVE
added 2018/12/26 6:0 p.m.74 views

CVE-2018-20485

Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 is affected by a Cross‑Site Scripting (XSS) vulnerability in the Employee Search feature. The issue originates from an XSS flaw in the employee search handling, enabling injection of arbitrary web script or HTML. Public sources (e.g., exp...

6.1CVSS5.9AI score0.05273EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2018/12/26 6:0 p.m.34 views

CVE-2018-20485

Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the employee search feature...

6AI score0.05273EPSS
Exploits4References2
CNVD
CNVD
added 2018/12/21 12:0 a.m.5 views

Adrenalin HRMS Software Cross-Site Scripting Vulnerability (CNVD-2018-26800)

Adrenalin HRMS Software is a human resource management system from Adrenalin eSystems India. A cross-site scripting vulnerability exists in Adrenalin HRMS Software version 5.4.0, which can be exploited by a remote attacker to execute JavaScript code by sending the 'prntFrmName' or '...

6.1CVSS6.6AI score0.0086EPSS
Exploits1References1
OSV
OSV
added 2018/12/20 11:29 p.m.3 views

CVE-2018-12651

A Reflected Cross Site Scripting XSS Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the ShiftEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter...

6.1CVSS5.8AI score0.0086EPSS
Exploits1References2
OSV
OSV
added 2018/10/24 9:29 p.m.4 views

CVE-2018-12650

Adrenalin HRMS version 5.4.0 contains a Reflected Cross Site Scripting XSS vulnerability in the ApplicationtEmployeeSearch page via 'prntDDLCntrlName' and 'prntFrmName'...

6.1CVSS5.8AI score0.02607EPSS
Exploits5References3
Openbugbounty
Openbugbounty
added 2015/11/20 12:42 p.m.10 views

consumerprotectionbc.ca XSS vulnerability

Vulnerable URL: http://www.consumerprotectionbc.ca/businesses-cemetery-and-funeral-home/employee-search?firstname=%22%3E%3Csvg%2Fonload%3Dprompt%28%2FXSSPOSED%2F%29%3Ename=name=businessasname=&Submit.x;=0&Submit.y;=0&submitcheck=1 Details: Description| Value ---|--- Patched:| Yes, at 23.11.2017...

6.3AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2012/08/23 8:55 p.m.4 views

CVE-2011-5105

Multiple cross-site scripting XSS vulnerabilities in EmployeeSearch.cc in ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 allow remote attackers to inject arbitrary web script or HTML via the 1 searchType and 2 searchString parameters, a different vulnerability than CVE-2010-3274...

4.3CVSS5.4AI score0.21004EPSS
Exploits3References5
NVD
NVD
added 2011/02/17 6:0 p.m.19 views

CVE-2010-3274

Multiple cross-site scripting XSS vulnerabilities in EmployeeSearch.cc in the Employee Search Engine in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allow remote attackers to inject arbitrary web script or HTML via the searchString parameter in a 1 showList or 2 Search action...

4.3CVSS5.6AI score0.21004EPSS
Exploits2References9
Prion
Prion
added 2011/02/17 6:0 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in EmployeeSearch.cc in the Employee Search Engine in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allow remote attackers to inject arbitrary web script or HTML via the searchString parameter in a 1 showList or 2 Search action...

4.3CVSS6AI score0.21004EPSS
Exploits2References9Affected Software1
Cvelist
Cvelist
added 2011/02/17 5:0 p.m.27 views

CVE-2010-3274

Multiple cross-site scripting XSS vulnerabilities in EmployeeSearch.cc in the Employee Search Engine in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allow remote attackers to inject arbitrary web script or HTML via the searchString parameter in a 1 showList or 2 Search action...

5.6AI score0.21004EPSS
Exploits2References9
CVE
CVE
added 2011/02/17 5:0 p.m.53 views

CVE-2010-3274

Affected product/version: ManageEngine ADSelfService Plus (Zoho) prior to 4.5 Build 4500. Vulnerability type: Cross‑site scripting (XSS) in EmployeeSearch.cc, affecting the search functionality; exploits reflect user input back to the page. Impact/reason: Remote attackers can inject arbitrary scr...

4.3CVSS5.6AI score0.21004EPSS
Exploits2References9Affected Software1
Rows per page
Query Builder