Lucene search
+L

8 matches found

nvd
nvd
added 2023/12/16 1:15 a.m.18 views

CVE-2021-42797

Path traversal vulnerability in AVEVA Edge formerly InduSoft Web Studio versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources...

7.5CVSS0.01EPSS
Exploits0References2
prion
prion
added 2023/12/16 1:15 a.m.21 views

Path traversal

Path traversal vulnerability in AVEVA Edge formerly InduSoft Web Studio versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources...

5CVSS7.2AI score0.01EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2023/12/16 12:0 a.m.24 views

CVE-2021-42797

Path traversal vulnerability in AVEVA Edge formerly InduSoft Web Studio versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources...

7.8AI score0.01EPSS
Exploits0References2
cnvd
cnvd
added 2022/11/25 12:0 a.m.39 views

AVEVA Edge has an information disclosure vulnerability

AVEVA Edge is a highly scalable and flexible HMI/SCADA software from the UK-based Jianwei Software AVEVA. An information disclosure vulnerability exists in AVEVA Edge version 2020 R2, which can be exploited by an attacker to obtain account information for accessing external DB resource...

7.5CVSS7.1AI score0.01EPSS
Exploits0References1
osv
osv
added 2022/05/13 1:12 a.m.13 views

GHSA-6MXM-WPQV-675H Moodle XSS from profile fields from external db

Multiple cross-site scripting XSS vulnerabilities in auth/db/auth.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via an external DB profile field...

6.1CVSS6.8AI score0.01465EPSS
Exploits0References15
github
github
added 2022/05/13 1:12 a.m.17 views

Moodle XSS from profile fields from external db

Multiple cross-site scripting XSS vulnerabilities in auth/db/auth.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via an external DB profile field...

6.1CVSS5.8AI score0.01465EPSS
Exploits0References15Affected Software1
veracode
veracode
added 2017/07/26 10:35 p.m.18 views

Cross-site Scripting (XSS)

Moodle is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary web script with an external DB profile field...

6.1CVSS6.9AI score0.01465EPSS
Exploits0References5Affected Software1
ubuntucve
ubuntucve
added 2016/05/22 8:59 p.m.19 views

CVE-2016-2152

Multiple cross-site scripting XSS vulnerabilities in auth/db/auth.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via an external DB profile field...

6.1CVSS6.9AI score0.01465EPSS
Exploits0References2
Rows per page
Query Builder