15 matches found
EUVD-2023-45173
Malicious code in bioql PyPI...
Head Start Security Vulnerability
Head Start is a web-based knowledge mapping software open-sourced by Open Knowledge Maps. It is designed to give researchers a head start in literature review, hence the name. A security vulnerability exists in the v7 version of Head Start that stems from improper handling of the url parameter in...
CVE-2023-40618
A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in...
CVE-2023-40618
A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in...
Cross site scripting
A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in...
Head Start Cross-Site Scripting Vulnerability
Head Start is a web-based knowledge mapping software open-sourced by Open Knowledge Maps. It is designed to give researchers a head start on literature reviews, hence the name. A security vulnerability exists in Open Knowledge Maps Head Start, Visual Project Explorer version 1.0. An attacker exploited t...
CVE-2023-40618
A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in...
CVE-2023-40618
CVE-2023-40618 is a reflected XSS affecting OpenKnowledgeMaps Head Start (versions 4–7) and Visual Project Explorer 1.0. The vulnerability arises from handling of the ‘service’ parameter in the headstart_snapshot.php endpoint, allowing remote attackers to inject JavaScript into a user session. Do...
PT-2023-27543 · Openknowledgemaps · Openknowledgemaps Head Start
Name of the Vulnerable Software and Affected Versions: OpenKnowledgeMaps Head Start versions 4, 5, 6, 7; Visual Project Explorer version 1.0. Description: A reflected cross-site scripting (XSS) issue allows remote attackers to execute arbitrary JavaScript in the web browser of a user. This is achieve...
CVE-2023-40617
A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start 7 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'file' parameter in 'displayPDF.php'...
CVE-2023-40617
CVE-2023-40617 affects OpenKnowledgeMaps Head Start 7. The vulnerability is a reflected cross-site scripting (XSS) in which an attacker can cause a user’s browser to execute arbitrary JavaScript by injecting a malicious payload into the file parameter of the displayPDF.php endpoint. Impact is lim...
CVE-2023-40617
A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start 7 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'file' parameter in 'displayPDF.php'...
Open Knowledge Maps Head Start 7 Cross-Site Scripting Vulnerability
Head Start is a web-based knowledge mapping software open-sourced by Open Knowledge Maps. It is designed to give researchers a head start on literature reviews, hence the name. A security vulnerability exists in Open Knowledge Maps Head Start version 7, which stems from the presence of a Reflectiv...
iowaheadstart.com Cross Site Scripting vulnerability OBB-2866269
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WebCAF 1.4 Local File Inclusion / Code Execution
Discovered by dun \ dunatstrcpy.pl webcaf = 1.4 Multiple Remote Vulnerabilities Script: "WebCAF is a web-based child and family database developed by Head Start of La...