5 matches found
CVE-2019-25402 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via login
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. Attackers can send POST requests to the login endpoint with script payloads in the username...
Provide server 跨站脚本漏洞
Provide server is a Windows SFTP server from Provide server, Inc. A security vulnerability exists in Provide server version 14.4. An attacker can exploit this vulnerability to execute arbitrary code in the server logs via the username field in the login table...
Digital Alert Systems DASDEC EAS 跨站脚本漏洞
Digital Alert Systems DASDEC EAS is a digital alert system from Digital Alert Systems, Inc. Digital Alert Systems DASDEC EAS suffers from a cross-site scripting vulnerability that can be exploited by a remote attacker to inject arbitrary web script or HTML code via the username field of the login...
CVE-2021-45435
An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System using PHP/OOP 1.0 via the username field in login.php...
CVE-2019-17205
TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed...