695 matches found
The vulnerability of the `type` parameter in the Netcat module of the netshop CMS system allows a hacker to execute arbitrary JavaScript code.
The vulnerability of the “type” parameter in the netshop CMS system’s Netcat CMS system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...
The vulnerability of the `promotion_discount` parameter in the Netcat Netshop CMS system allows a hacker to execute arbitrary JavaScript code.
The vulnerability of the promotiondiscount parameter in the Netcat NetShop CMS system relates to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...
The vulnerability of the “file” parameter in the netshop CMS system’s Netcat module allows a hacker to execute arbitrary JavaScript code.
The vulnerability of the “file” parameter in the netshop CMS system’s Netcat module exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute any arbitrary JavaScript code in the user’s browser remotely...
The vulnerability of the logging module in CMS systems like Netcat allows attackers to execute arbitrary JavaScript code.
The vulnerability of the logging module in CMS systems like Netcat exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...
The vulnerability of the Netcat CMS system’s comment module allows a hacker to execute arbitrary JavaScript code.
The vulnerability of the Netcat CMS system’s comment module exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser remotely...
The vulnerability of the Netcat module in CMS systems allows attackers to gain unauthorized access to protected information.
The vulnerability of the messaging module in the CMS system Netcat is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to the protected information from the database...
PT-2024-88: Cross-Site Request Forgery (CSRF) and Reflected Cross-Site Scripting (XSS) in Netcat CMS (module calendar)
The vulnerability was identified in Netcat CMS module calendar, version 6.4 Extra. The vulnerability is related to cross-site request forgery. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked...
PT-2024-75: Time-based SQL Injection in Netcat CMS (module messaging)
The vulnerability was identified in Netcat CMS module messaging, version 6.4 Extra. The discovered vulnerability allows an attacker to read information from the database. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 20.08.2024 Recommendations: Update to version or...
PT-2024-97: Cross-Site Request Forgery (CSRF) and Reflected Cross-Site Scripting (XSS) in Netcat CMS (module netshop)
The vulnerability was identified in Netcat CMS module netshop, version 6.4 Extra. The vulnerability is related to cross-site request forgery. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked...
PT-2024-91: Time-based SQL Injection in Netcat CMS
The vulnerability was identified in Netcat, version 6.4 Extra. The discovered vulnerability allows an attacker to read information from the database. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 20.08.2024 Recommendations: Update to version or higher Additional...
PT-2024-94: Cross-Site Request Forgery (CSRF) and Reflected Cross-Site Scripting (XSS) in Netcat CMS (module netshop)
The vulnerability was identified in Netcat CMS module netshop, version 6.4 Extra. The vulnerability is related to cross-site request forgery. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked...
PT-2024-92: Reflected Cross-Site Scripting (XSS) in Netcat CMS (filemanager module)
The vulnerability was identified in Netcat filemanager module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...
PT-2024-79: Reflected Cross-Site Scripting (XSS) in Netcat CMS (logging module)
The vulnerability was identified in Netcat logging module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...
PT-2024-82: Reflected Cross-Site Scripting (XSS) in Netcat CMS (netshop module)
The vulnerability was identified in Netcat CMS netshop module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...
PT-2024-80: Reflected Cross-Site Scripting (XSS) in Netcat CMS (comments module)
The vulnerability was identified in Netcat comments module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...
PT-2024-76: Time-based SQL Injection in Netcat CMS (module comments)
The vulnerability was identified in Netcat CMS module comments, version 6.4 Extra. The discovered vulnerability allows an attacker to read information from the database. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 20.08.2024 Recommendations: Update to version or...
PT-2024-78: Time-based SQL Injection in Netcat CMS (module comments)
The vulnerability was identified in Netcat CMS module comments, version 6.4 Extra. The discovered vulnerability allows an attacker to read information from the database. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 20.08.2024 Recommendations: Update to version or...
PT-2024-77: Time-based SQL Injection in Netcat CMS (module comments)
The vulnerability was identified in Netcat CMS module comments, version 6.4 Extra. The discovered vulnerability allows an attacker to read information from the database. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 20.08.2024 Recommendations: Update to version or...
PT-2024-83: Reflected Cross-Site Scripting (XSS) in Netcat CMS (netshop module)
The vulnerability was identified in Netcat netshop module, version 6.4 Extra. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the attacked user. Vulnerability status: Confirmed by vendor Date of...
PT-2024-90: Cross-Site Request Forgery (CSRF) and Path Traversal in Netcat CMS (module filemanager)
The vulnerability was identified in Netcat CMS module filemanager, version 6.4 Extra. The vulnerability is related to cross-site request forgery. The discovered vulnerability allows an authorized attacker with the administrator role to execute arbitrary JavaScript code in the browser of the...