CVE-2022-45182

Pi-StarDVDash for Pi-Star DV before 5aa194d mishandles the module parameter...

CVE-2022-45182

Pi-Star DV Dash (Pi-Star DV) is affected by CVE-2022-45182 in all versions prior to 5aa194d due to mishandling of the module parameter. The CVE metadata indicates a CRITICAL impact (C/H/I/A) with network attack vector and no user interaction required. Public references in the initial and connecte...

CVE-2022-45182

Pi-StarDVDash for Pi-Star DV before 5aa194d mishandles the module parameter...

PT-2022-27418 · Unknown · Pi-Star Dv Dash

Name of the Vulnerable Software and Affected Versions: Pi-Star DV Dash for Pi-Star DV versions prior to 5aa194d Description: The issue concerns the mishandling of the module parameter. Recommendations: For versions prior to 5aa194d, update to a version that includes the fix for the mishandling of...

CVE-2022-45182

Pi-StarDVDash for Pi-Star DV before 5aa194d mishandles the module parameter...

TYPO3 Backend component Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the Backend component in TYPO3 6.2.x before 6.2.19 allows remote attackers to inject arbitrary web script or HTML via the module parameter when creating a bookmark...

CVE-2021-27309

Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "module" parameter...

CVE-2021-27309

Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "module" parameter...

CVE-2021-27309

Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "module" parameter...

OpenSourceCMS.com Clansphere CMS 跨站脚本漏洞

ClanSphere is a modular Web-CMS. A cross-site scripting vulnerability exists in Clansphere 2011.4. The vulnerability can be exploited to inject JavaScript via the "module" parameter...

ONAP SDNC Operating System Command Injection Vulnerability

The ONAP SDNC is a network-defined network controller from the ONAP program. An operating system command injection vulnerability exists in ONAP SDNC versions prior to 4.0.0. The vulnerability can be exploited to execute arbitrary commands with the help of a specially crafted 'module' parameter...

ONAP SDNC Operating System Command Injection Vulnerability (CNVD-2020-28483)

The ONAP SDNC is a network-defined network controller from the ONAP program. ONAP SDNC suffers from an operating system command injection vulnerability. The vulnerability can be exploited to execute arbitrary commands with the help of a specially crafted 'module' parameter...

CVE-2019-12113

An issue was discovered in ONAP SDNC before Dublin. By executing sla/printAsGv with a crafted module parameter, an authenticated user can execute an arbitrary command. All SDC setups that include admportal are affected...

Design/Logic Flaw

An issue was discovered in ONAP SDNC before Dublin. By executing sla/printAsGv with a crafted module parameter, an authenticated user can execute an arbitrary command. All SDC setups that include admportal are affected...

Design/Logic Flaw

An issue was discovered in ONAP SDNC before Dublin. By executing sla/printAsXml with a crafted module parameter, an authenticated user can execute an arbitrary command. All SDC setups that include admportal are affected...

CVE-2019-12123

An issue was discovered in ONAP SDNC before Dublin. By executing sla/printAsXml with a crafted module parameter, an authenticated user can execute an arbitrary command. All SDC setups that include admportal are affected...

CVE-2019-12113

An issue was discovered in ONAP SDNC before Dublin. By executing sla/printAsGv with a crafted module parameter, an authenticated user can execute an arbitrary command. All SDC setups that include admportal are affected...

PT-2019-15803 · Zoho · Zoho Crm Lead Magnet Plugin

Name of the Vulnerable Software and Affected Versions: Zoho CRM Lead Magnet plugin version 1.6.9.1 Description: The issue allows for XSS attacks. This can be achieved via the module, EditShortcode, or LayoutName. Recommendations: For Zoho CRM Lead Magnet plugin version 1.6.9.1, update to a newer...

CVE-2019-7646

CentOS-WebPanel.com aka CWP CentOS Web Panel through 0.9.8.763 is vulnerable to Stored/Persistent XSS for the "Package Name" field via the addpackage module parameter...

SugarCRM (WorkFlow module) PHP Code Injection Vulnerability

SugarCRM is an open source Customer Relationship Management CRM system from SugarCRM USA. The system supports differentiated marketing, management and distribution of sales leads for different customer needs, and enables information sharing and tracking of sales representatives. A PHP code...