CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Github Security Blog•added 2024/04/12 3:37 p.m.•27 views

tiagorlampert CHAOS vulnerable to Cross Site Scripting

Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component...

4.8CVSS6.7AI score0.08104EPSS

Exploits6References4Affected Software1

CNNVD•added 2024/04/12 12:0 a.m.•1 views

CHAOS 安全漏洞

github Chaos is a software application. Visualization of connections between Chaos Theory and Fractals via Logical Mapping;. A security vulnerability exists in CHAOS version v5.0.1 that stems from the presence of a cross-site scripting XSS vulnerability. An attacker can exploit the vulnerability ...

4.8CVSS6.6AI score0.08104EPSS

Exploits6References3

CVE•added 2024/04/12 12:0 a.m.•67 views

CVE-2024-31839

CVE-2024-31839 concerns a Cross-Site Scripting in tiagorlampert CHAOS v5.0.1 via the sendCommandHandler function (handler.go), enabling a remote attacker to escalate privileges. Nuclei templates confirm the XSS vector; a Metasploit module describes an XSS path that can lead to RCE in CHAOS-relate...

4.8CVSS6.4AI score0.08104EPSS

Exploits6References2Affected Software1

Vulnrichment•added 2024/04/12 12:0 a.m.•12 views

CVE-2024-31839

Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component...

6.7AI score0.08104EPSS

Exploits6References2

Cvelist•added 2024/04/12 12:0 a.m.•19 views

CVE-2024-31839

Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component...

6.5AI score0.08104EPSS

Exploits6References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by