Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/02/19 12:2 p.m.4 views

CVE-2019-25402 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via login

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. Attackers can send POST requests to the login endpoint with script payloads in the username...

6.1CVSS5.6AI score0.00384EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/02/10 12:0 a.m.8 views

Provide server 跨站脚本漏洞

Provide server is a Windows SFTP server from Provide server, Inc. A security vulnerability exists in Provide server version 14.4. An attacker can exploit this vulnerability to execute arbitrary code in the server logs via the username field in the login table...

6.1CVSS6.8AI score0.02628EPSS
Exploits4References5
CNNVD
CNNVD
added 2022/11/23 12:0 a.m.48 views

Digital Alert Systems DASDEC EAS 跨站脚本漏洞

Digital Alert Systems DASDEC EAS is a digital alert system from Digital Alert Systems, Inc. Digital Alert Systems DASDEC EAS suffers from a cross-site scripting vulnerability that can be exploited by a remote attacker to inject arbitrary web script or HTML code via the username field of the login...

5.4CVSS5.8AI score0.00438EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/01/28 3:15 p.m.3 views

CVE-2021-45435

An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System using PHP/OOP 1.0 via the username field in login.php...

9.8CVSS7.4AI score0.01096EPSS
Exploits1References2
OSV
OSV
added 2019/10/05 10:15 p.m.17 views

CVE-2019-17205

TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed...

6.1CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder