CVE-2024-10288

Cross-Site Scripting XSS vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/SubscribeToList, parameter ListName...

CVE-2024-10287

CVE-2024-10287 describes a Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9. A remote attacker can craft a query to an authenticated user via the /mlss/ForgotPassword endpoint, abusing the ListName parameter to steal session details. The CVSS v3.1 base score is 6.1 (Medium), w...

CVE-2024-10287 Cross-Site Scripting (XSS) vulnerability in LocalServer

Cross-Site Scripting XSS vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/ForgotPassword, parameter ListName...

LocalServer 跨站脚本漏洞

LocalServer is a web server software for Windows by murdas83 Individual Developer. A cross-site scripting vulnerability exists in LocalServer version 1.0.9, which stems from a cross-site scripting XSS vulnerability that could allow a remote user to send a specially crafted query to an authenticat...

LocalServer 跨站脚本漏洞

LocalServer is a web server software for Windows from the individual developer murdas83. A cross-site scripting vulnerability exists in LocalServer version 1.0.9, which can be exploited to obtain sensitive information from a user session via the ListName parameter on the /mlss/ForgotPassword page...

CVE-2023-34836

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Dtltyp and ListName parameters...

CVE-2023-34836

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Dtltyp and ListName parameters...

CVE-2023-34836

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Dtltyp and ListName parameters...

MicroWorld Technologies eScan Management Console 跨站脚本漏洞

The MicroWorld Technologies eScan Management Console is an eScan management console from MicroWorld Technologies, Inc. A cross-site scripting vulnerability exists in Microworld Technologies eScan Management console version v.14.0.1400.2281, which originates from a vulnerability that allows a remo...

CVE-2020-14024

Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the 1 Receiver or Recipient field in the Mailbox feature, 2 OZFORMGROUPNAME field in the Group configuration of addresses, 3 listname field in the Defining address lists configuration, o...

CVE-2020-14024

CVE-2020-14024 специалисты описывают как у Ozeki NG SMS Gateway до версии 4.17.6 обнаружены несколько XSS-уязвимостей, требующих аутентифицированного доступа: через поля Receiver/Recipient в Mailbox, OZFORM_GROUPNAME в настройках групп адресов, поле listname в Defining Address Lists и через любой...