10 matches found
EUVD-2023-2702
Malicious code in bioql PyPI...
Design/Logic Flaw
baserCMS is a website development framework with WebAPI that runs on PHP8 and CakePHP4. There is a XSS Vulnerability in Favorites Feature to baserCMS. This issue has been patched in version 4.8.0...
CVE-2023-29009
CVE-2023-29009 affects baserCMS: a stored XSS vulnerability in the Favorites feature on baserCMS WebAPI (PHP8/CakePHP4). Root cause is XSS in the Favorites UI leading to script execution on vulnerable admin/user pages. Impact described in sources includes potential browser-execution of arbitrary ...
CVE-2023-29009 basercms XSS Vulnerability via Favorites Feature
baserCMS is a website development framework with WebAPI that runs on PHP8 and CakePHP4. There is a XSS Vulnerability in Favorites Feature to baserCMS. This issue has been patched in version 4.8.0...
CVE-2023-29009 basercms XSS Vulnerability via Favorites Feature
baserCMS is a website development framework with WebAPI that runs on PHP8 and CakePHP4. There is a XSS Vulnerability in Favorites Feature to baserCMS. This issue has been patched in version 4.8.0...
baserCMS Cross-Site Scripting Vulnerability
baserCMS is an enterprise-level content management system CMS from the baserCMS team. A security vulnerability exists in baserCMS versions prior to 4.8.0, which stems from a cross-site scripting XSS vulnerability in the Favorites feature...
baserCMS Cross-site Scripting Vulnerability in Favorites Feature
There is a XSS Vulnerability in Favorites Feature to baserCMS. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. If you are eligible, please update to the new version as soon as possible. Target baserCMS 4.7.8 and earlier...
PT-2023-22083 · Cakephp +2 · Cakephp +2
Name of the Vulnerable Software and Affected Versions: baserCMS versions prior to 4.8.0 Description: The issue is a XSS Vulnerability in the Favorites Feature of baserCMS, a website development framework that runs on PHP8 and CakePHP4. This vulnerability allows malicious code to be executed in th...
[SECURITY] Fedora 33 Update: vinagre-3.22.0-21.fc33
Vinagre is a VNC client for the GNOME desktop. With Vinagre you can have several connections open simultaneously, bookmark your servers thanks to the Favorites support, store the passwords in the GNOME keyring, and browse the network to look for VNC servers. Apart from the VNC protocol, vinagre...
CVE-2017-16567
Persistent Cross-Site Scripting XSS vulnerability in Logitech Media Server 7.9.0, affecting the "Favorites" feature. This vulnerability allows remote attackers to inject and permanently store malicious JavaScript payloads, which are executed when users access the affected functionality...