Lucene search
+L

151 matches found

Prion
Prion
added 2017/06/14 9:29 p.m.11 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted country data...

4.3CVSS6.1AI score0.01014EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2017/06/14 9:29 p.m.2 views

CVE-2017-9622

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted common data...

6.1CVSS5.4AI score0.01028EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2017/06/14 9:29 p.m.2 views

CVE-2017-9621

Cross-site scripting XSS vulnerability in modules/Base/Lang/Administrator/updatetranslation.php in EPESI in Telaxus/EPESI 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 original or 2 new parameter...

6.1CVSS5.7AI score0.01037EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2017/06/14 9:29 p.m.4 views

CVE-2017-9624

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted currency decimal-sign data...

6.1CVSS5.4AI score0.01014EPSS
Exploits1References3
NVD
NVD
added 2017/06/14 9:29 p.m.15 views

CVE-2017-9624

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted currency decimal-sign data...

6.1CVSS6.1AI score0.01014EPSS
Exploits1References2
Prion
Prion
added 2017/06/14 9:29 p.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted currency decimal-sign data...

4.3CVSS6.1AI score0.01014EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2017/06/14 9:29 p.m.18 views

CVE-2017-9621

Cross-site scripting XSS vulnerability in modules/Base/Lang/Administrator/updatetranslation.php in EPESI in Telaxus/EPESI 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 original or 2 new parameter...

6.1CVSS5.9AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2017/06/14 9:29 p.m.2 views

CVE-2017-9623

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted country data...

6.1CVSS5.4AI score0.01014EPSS
Exploits1References3
OSV
OSV
added 2017/06/14 9:29 p.m.21 views

CVE-2017-9622

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted common data...

6.1CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2017/06/14 9:29 p.m.11 views

CVE-2017-9624

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted currency decimal-sign data...

6.1CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2017/06/14 9:29 p.m.14 views

CVE-2017-9623

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted country data...

6.1CVSS5.9AI score
Exploits0References2
Cvelist
Cvelist
added 2017/06/14 9:0 p.m.21 views

CVE-2017-9622

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted common data...

6.1AI score0.01028EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/06/14 9:0 p.m.19 views

CVE-2017-9621

Cross-site scripting XSS vulnerability in modules/Base/Lang/Administrator/updatetranslation.php in EPESI in Telaxus/EPESI 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 original or 2 new parameter...

6.1AI score0.01037EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/06/14 9:0 p.m.25 views

CVE-2017-9623

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted country data...

6.1AI score0.01014EPSS
Exploits1References2
Cvelist
Cvelist
added 2017/06/14 9:0 p.m.20 views

CVE-2017-9624

Multiple cross-site scripting XSS vulnerabilities in Telaxus/EPESI 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted currency decimal-sign data...

6.1AI score0.01014EPSS
Exploits1References2
CVE
CVE
added 2017/06/14 9:0 p.m.42 views

CVE-2017-9624

CVE-2017-9624 affects Telaxus EPESI 1.8.2 and earlier, with multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via crafted currency decimal-sign data. Public references consistently describe XSS in EPESI and point toward prior ve...

6.1CVSS6AI score0.01014EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2017/06/14 9:0 p.m.40 views

CVE-2017-9623

Telaxus EPESI is affected by multiple XSS vulnerabilities in version 1.8.2 and earlier, exploitable via crafted country data. The issue is the ability for remote attackers to inject arbitrary web script or HTML into the user’s browser. OpenVAS indicates a fix in EPESI

6.1CVSS6AI score0.01014EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2017/06/14 9:0 p.m.44 views

CVE-2017-9622

Telaxus/EPESI is affected by multiple XSS vulnerabilities in version 1.8.2 and earlier, allowing remote attackers to inject arbitrary web script or HTML via crafted data. The OpenVAS entry corroborates XSS across multiple parameters. Exploitation would occur in the web interface; no in-wild explo...

6.1CVSS6AI score0.01028EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/06/14 9:0 p.m.51 views

CVE-2017-9621

EPESI (Telaxus) 1.8.2 and earlier contains a Cross-site scripting (XSS) vulnerability in modules/Base/Lang/Administrator/update_translation.php, exploitable via the original or new parameter. Affected component is the update_translation.php translation update logic; root cause is unsanitized user...

6.1CVSS6AI score0.01037EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/06/05 12:0 a.m.4 views

Telaxus EPESI cross-site scripting vulnerability (CNVD-2017-11057)

Telaxus EPESI is a Polish company Telaxus open source customer relationship management system based on PHP/Ajax framework CRM. The system provides schedule management , multi-user address book , proxy matters and other functions . A cross-site scripting vulnerability exists in the...

4.8CVSS5.9AI score0.00668EPSS
Exploits1References1
Rows per page
Query Builder