Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/05/20 7:41 p.m.9 views

CVE-2026-35016 Open ISES Tickets < 3.44.2 Reflected XSS via search.php frm_query Parameter

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in search.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmquery POST parameter directly into an HTML input field VALUE attribute. Attackers...

5.1CVSS5.8AI score0.00221EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/20 7:41 p.m.34 views

CVE-2026-35016 Open ISES Tickets < 3.44.2 Reflected XSS via search.php frm_query Parameter

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in search.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmquery POST parameter directly into an HTML input field VALUE attribute. Attackers...

5.1CVSS0.00221EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.16 views

PT-2026-42258

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in search.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frm query POST parameter directly into an HTML input field VALUE attribute. Attacker...

5.1CVSS5.8AI score0.00221EPSS
Exploits0References4
OSV
OSV
added 2019/09/18 4:15 p.m.6 views

CVE-2019-14253

An issue was discovered in servletcontroller in the secure portal in Publisure 2.1.2. One can bypass authentication and perform a query on PHP forms within the /AdminDir folder that should be restricted...

6.5CVSS5.8AI score0.01078EPSS
Exploits2References1
Rows per page
Query Builder