8 matches found
EUVD-2025-208155
Chamilo is a learning management system. Prior to version 1.11.30, a stored cross-site scripting (XSS) vulnerability exists due to insufficient sanitization of CSV filenames. An attacker can upload a maliciously named CSV file (e.g., .csv) that leads to JavaScript execution when viewed by...
Link Injection
Apache Airflow is vulnerable to Link Injection. The vulnerability is due to improper validation of URLs in the provider list within the file views.py, which allows an authenticated attacker to inject a malicious link when installing a provider...
CVE-2021-4254
A vulnerability has been found in ctrlo lenio and classified as problematic. Affected by this vulnerability is an unknown functionality of the file views/layouts/main.tt of the component Notice Handler. The manipulation of the argument notice.notice.text leads to cross site scripting. The attack...
CVE-2021-4255
A vulnerability was found in ctrlo lenio and classified as problematic. Affected by this issue is some unknown functionality of the file views/contractor.tt. The manipulation of the argument contractor.name leads to cross site scripting. The attack may be launched remotely. The name of the patch ...
CVE-2021-4256
A vulnerability was found in ctrlo lenio. It has been classified as problematic. This affects an unknown part of the file views/index.tt. The manipulation of the argument task.name/task.site.org.name leads to cross site scripting. It is possible to initiate the attack remotely. The name of the...
CVE-2021-4254
A vulnerability has been found in ctrlo lenio and classified as problematic. Affected by this vulnerability is an unknown functionality of the file views/layouts/main.tt of the component Notice Handler. The manipulation of the argument notice.notice.text leads to cross site scripting. The attack...
Cross site scripting
A vulnerability was found in ctrlo lenio and classified as problematic. Affected by this issue is some unknown functionality of the file views/contractor.tt. The manipulation of the argument contractor.name leads to cross site scripting. The attack may be launched remotely. The name of the patch ...
CVE-2021-4255
CVE-2021-4255 affects ctrlo lenio. The vulnerability lies in an unknown functionality of views/contractor.tt where manipulating the contractor.name parameter leads to cross-site scripting. Exploitation is described as potentially remote. A patch identifier is provided (e1646d5cd0a2fbab9eb505196dd...