4 matches found
EUVD-2024-31434
SOPlanning 1.52.00 is vulnerable to Cross Site Scripting XSS via the groupeid parameter to process/groupesave.php...
The vulnerability in the /soplanning/www/process/groupe_save.php component of the SOPlanning CMS system allows a attacker to perform XSS attacks.
The vulnerability of the /soplanning/www/process/groupesave.php component of the SOPlanning CMS system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks using the groupeid parameter...
CVE-2024-9572
Cross-Site Scripting XSS vulnerability in SOPlanning 1.45, due to lack of proper validation of user input via /soplanning/www/process/groupesave.php, in the groupeid parameter. This could allow a remote user to send a specially crafted query to an authenticated user and steal their session detail...
Exploit for CVE-2024-33722
Exploit Title: SOPlanning v1.52.00 'groupesave.php' XSS Reflec...