
5046 matches found

NVD
added 2023/09/16 6:15 a.m. · 17 views

CVE-2023-41157

Multiple stored cross-site scripting (XSS) vulnerabilities in Usermin 2.000 allow remote attackers to inject arbitrary web script or HTML via the folder name parameter while creating the folder to manage the folder tab, filter tab, and forward mail tab...

5.4 CVSS · 5.4 AI score · 0.00397 EPSS
Exploits 0 · References 2

Prion
added 2023/09/16 6:15 a.m. · 21 views

Cross site scripting

Multiple stored cross-site scripting (XSS) vulnerabilities in Usermin 2.000 allow remote attackers to inject arbitrary web script or HTML via the folder name parameter while creating the folder to manage the folder tab, filter tab, and forward mail tab...

4.9 CVSS · 5.4 AI score · 0.00397 EPSS
Exploits 0 · References 2 · Affected Software 1

Vulnrichment
added 2023/09/16 12:0 a.m. · 11 views

CVE-2023-41157

Multiple stored cross-site scripting (XSS) vulnerabilities in Usermin 2.000 allow remote attackers to inject arbitrary web script or HTML via the folder name parameter while creating the folder to manage the folder tab, filter tab, and forward mail tab...

5.8 AI score · 0.00397 EPSS
Exploits 0 · References 2

CNNVD
added 2023/09/16 12:0 a.m. · 4 views

Webmin Usermin Cross-Site Scripting Vulnerability

Webmin Usermin is a web-based interface from Webmin Inc. It is used for webmail, password change, mail filters, fetchmail, and more. A cross-site scripting vulnerability exists in Webmin Usermin version 2.000. A remote attacker can use this vulnerability to inject arbitrary web script or HTML via...

5.4 CVSS · 6 AI score · 0.00397 EPSS
Exploits 0 · References 4

CNNVD
added 2023/09/16 12:0 a.m. · 3 views

WordPress Plugin Dropbox Folder Share Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...

7.2 CVSS · 6.9 AI score · 0.0038 EPSS
Exploits 0 · References 4

Cvelist
added 2023/09/16 12:0 a.m. · 19 views

CVE-2023-41157

Multiple stored cross-site scripting (XSS) vulnerabilities in Usermin 2.000 allow remote attackers to inject arbitrary web script or HTML via the folder name parameter while creating the folder to manage the folder tab, filter tab, and forward mail tab...

5.6 AI score · 0.00397 EPSS
Exploits 0 · References 2

CVE
added 2023/09/16 12:0 a.m. · 99 views

CVE-2023-41157

CVE-2023-41157 affects Usermin 2.000. The vulnerability is a stored XSS in the folder name parameter when creating folders, affecting the Folder/Filters/Forward Mail tabs. An attacker can inject arbitrary script/HTML by supplying crafted folder names. Root cause is improper handling/validation of...

5.4 CVSS · 5.3 AI score · 0.00397 EPSS
Exploits 0 · References 2 · Affected Software 1

Positive Technologies
added 2023/09/15 12:0 a.m. · 3 views

PT-2023-27832 · Usermin · Usermin

Name of the Vulnerable Software and Affected Versions: Usermin version 2.000
Description: The issue allows remote attackers to inject arbitrary web script or HTML via the folder name parameter while creating a folder. This affects the management of the folder tab, filter tab, and forward mail tab...

5.4 CVSS · 5.7 AI score · 0.00397 EPSS
Exploits 0 · References 5

ATTACKERKB
added 2023/09/14 9:15 p.m. · 2 views

CVE-2023-41156

A Stored Cross-Site Scripting (XSS) vulnerability in the filter and forward mail tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the save to new folder named field while creating a new filter...

5.4 CVSS · 5.9 AI score · 0.00421 EPSS
Exploits 0 · References 3

NVD
added 2023/09/14 9:15 p.m. · 13 views

CVE-2023-41156

A Stored Cross-Site Scripting (XSS) vulnerability in the filter and forward mail tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the save to new folder named field while creating a new filter...

5.4 CVSS · 5.3 AI score · 0.00421 EPSS
Exploits 0 · References 2

Cvelist
added 2023/09/14 12:0 a.m. · 19 views

CVE-2023-41156

A Stored Cross-Site Scripting (XSS) vulnerability in the filter and forward mail tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the save to new folder named field while creating a new filter...

5.4 AI score · 0.00421 EPSS
Exploits 0 · References 2

CNNVD
added 2023/09/14 12:0 a.m. · 2 views

Usermin Cross-Site Scripting Vulnerability

Webmin Usermin is a web-based interface from Webmin Inc. It is used for webmail, password change, mail filters, fetchmail and more. A cross-site scripting vulnerability exists in Usermin version 2.001, which originates from a security issue within the filter, forward mail tab, that allows remote...

5.4 CVSS · 5.8 AI score · 0.00421 EPSS
Exploits 0 · References 4

Vulnrichment
added 2023/09/14 12:0 a.m. · 11 views

CVE-2023-41156

A Stored Cross-Site Scripting (XSS) vulnerability in the filter and forward mail tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via the save to new folder named field while creating a new filter...

5.5 AI score · 0.00421 EPSS
Exploits 0 · References 2

Patchstack
added 2023/09/13 12:0 a.m. · 10 views

WordPress Dropbox Folder Share Plugin <= 1.9.7 is vulnerable to Local File Inclusion

Software: Dropbox Folder Share; Type: Plugin; Vulnerable versions: <= 1.9.7; Fixed in: N/A; OWASP Top 10: A1: Injection; Classification: Local File Inclusion; CVE: CVE-2023-4488; Patch priority: Low; CVSS severity: Low 9.8; Developer: Claim ownership; PSID: 097b8d11ce41; Credits: Marco Wotschka; Required privilege...

9.8 CVSS · 7.2 AI score · 0.00995 EPSS
Exploits 0 · References 2 · Affected Software 1

OSV
added 2023/09/11 7:15 p.m. · 2 views

CVE-2023-31468

An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 Runtime RT7.3 RC3 20221209.5. The "%PROGRAMFILESX86%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version...

7.8 CVSS · 5.8 AI score · 0.00823 EPSS
Exploits 4 · References 7

Positive Technologies
added 2023/09/11 12:0 a.m. · 3 views

PT-2023-23346 · Inosoft Gmbh · Inosoft Visiwin

Name of the Vulnerable Software and Affected Versions: Inosoft VisiWin versions 7 through 2022-2.1
Description: An issue was discovered in the "%PROGRAMFILESX86%\INOSOFT GmbH" folder, which has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM...

7.8 CVSS · 6.8 AI score · 0.00823 EPSS
Exploits 4 · References 13

Vulnrichment
added 2023/09/08 5:4 a.m. · 5 views

CVE-2023-32470

Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS)...

5 CVSS · 6.8 AI score · 0.00154 EPSS
Exploits 0 · References 1

CNNVD
added 2023/09/08 12:0 a.m. · 3 views

Dell Digital Delivery Security Breach

Dell Digital Delivery is a Dell USA Inc. application designed for Dell computing devices to purchase pre-installed software for computers online. A security vulnerability exists in Dell Digital Delivery prior to version 5.0.82.0, which stems from an insecure operation vulnerability on the include...

5.5 CVSS · 6.4 AI score · 0.00154 EPSS
Exploits 0 · References 2

GithubExploit
added 2023/09/07 1:25 p.m. · 505 views

Exploit for External Control of File Name or Path in Moodle

CVE-2023-30943 Vulnerability Scanner This tool detects a vuln...

6.5 CVSS · 6 AI score · 0.06583 EPSS
Exploits 3

OSV
added 2023/09/06 4:15 a.m. · 4 views

CVE-2023-30713

Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep-2023 Release 1 allows local attackers to change some settings of the folder lock...

5.5 CVSS · 5.8 AI score · 0.00137 EPSS
Exploits 0 · References 1