Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-29928

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.0053EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 12:5 a.m.8 views

CVE-2022-25229

Popcorn Time 0.4.7 has a Stored XSS in the 'Movies API Servers' field via the 'settings' page. The 'nodeIntegration' configuration is set to on which allows the 'webpage' to use 'NodeJs' features, an attacker can leverage this to run OS commands...

5.4CVSS5.8AI score0.0053EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/05/20 11:15 a.m.2 views

CVE-2022-25229

Popcorn Time 0.4.7 has a Stored XSS in the 'Movies API Servers' field via the 'settings' page. The 'nodeIntegration' configuration is set to on which allows the 'webpage' to use 'NodeJs' features, an attacker can leverage this to run OS commands...

5.4CVSS6.1AI score0.0053EPSS
Exploits1References3
OSV
OSV
added 2022/05/20 11:15 a.m.23 views

CVE-2022-25229

Popcorn Time 0.4.7 has a Stored XSS in the 'Movies API Servers' field via the 'settings' page. The 'nodeIntegration' configuration is set to on which allows the 'webpage' to use 'NodeJs' features, an attacker can leverage this to run OS commands...

5.4CVSS5.7AI score
Exploits0References2
NVD
NVD
added 2022/05/20 11:15 a.m.12 views

CVE-2022-25229

Popcorn Time 0.4.7 has a Stored XSS in the 'Movies API Servers' field via the 'settings' page. The 'nodeIntegration' configuration is set to on which allows the 'webpage' to use 'NodeJs' features, an attacker can leverage this to run OS commands...

5.4CVSS0.0053EPSS
Exploits1References2
Prion
Prion
added 2022/05/20 11:15 a.m.13 views

Cross site scripting

Popcorn Time 0.4.7 has a Stored XSS in the 'Movies API Servers' field via the 'settings' page. The 'nodeIntegration' configuration is set to on which allows the 'webpage' to use 'NodeJs' features, an attacker can leverage this to run OS commands...

3.5CVSS5.1AI score0.0053EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/05/20 11:1 a.m.702 views

CVE-2022-25229

CVE-2022-25229 affects Popcorn Time 0.4.7. A Stored XSS vulnerability originates in the Settings page, in the Movies API Server(s) field, where lack of input validation allows injection of script. The issue is aggravated by nodeIntegration being turned on, which can permit the webpage to access N...

5.4CVSS5.1AI score0.0053EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/05/20 11:1 a.m.25 views

CVE-2022-25229

Popcorn Time 0.4.7 has a Stored XSS in the 'Movies API Servers' field via the 'settings' page. The 'nodeIntegration' configuration is set to on which allows the 'webpage' to use 'NodeJs' features, an attacker can leverage this to run OS commands...

5.4AI score0.0053EPSS
Exploits1References2
Rows per page
Query Builder