28 matches found
CVE-2024-34058
The WebTop package for NethServer 7 and 8 allows stored XSS, for example, via the Subject field of an e-mail message...
EUVD-2021-34143
Malicious code in bioql PyPI...
Nethserver 7 / 8 Cross Site Scripting
CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package. Suggested description: The WebTop package for NethServer 7 and 8 allows stored XSS, for example, via the Subject field of an e-mail message. Additional Information: NethServe...
CVE-2024-34058
The WebTop package for NethServer 7 and 8 allows stored XSS, for example, via the Subject field of an e-mail message...
NethServer Cross-Site Scripting Vulnerability
NethServer is a Linux system for hobbyists. A security vulnerability exists in NethServer versions 7 and 8 that stems from allowing stored cross-site scripting attacks...
CVE-2024-34058
The CVE-2024-34058 entry concerns stored XSS in the WebTop package for NethServer 7 and 8. Affected component: WebTop (Sonicle) integrated with NethServer; root cause: insufficient input sanitization/output escaping allows payloads (e.g., in the Email Subject) to be stored and executed in the fro...
CVE-2024-34058
The WebTop package for NethServer 7 and 8 allows stored XSS, for example, via the Subject field of an e-mail message...
CVE-2024-34058
The WebTop package for NethServer 7 and 8 allows stored XSS, for example, via the Subject field of an e-mail message...
PT-2024-25671 · Webtop +1
Name of the Vulnerable Software and Affected Versions: NethServer versions 7 through 8. Description: The issue concerns stored cross-site scripting (XSS) in the WebTop package. This can be exploited, for example, via the Subject field of an e-mail message. NethServer is an operating system designed...
CVE-2021-4313
A vulnerability was found in NethServer phonenehome. It has been rated as critical. This issue affects the function get_info/get_country_coor of the file server/index.php. The manipulation leads to SQL injection. The identifier of the patch is 759c30b0ddd7d493836bbdf695cf71624b377391. It is...
CVE-2021-4313
A vulnerability was found in NethServer phonenehome. It has been rated as critical. This issue affects the function get_info/get_country_coor of the file server/index.php. The manipulation leads to SQL injection. The identifier of the patch is 759c30b0ddd7d493836bbdf695cf71624b377391. It is...
SQL injection
A vulnerability was found in NethServer phonenehome. It has been rated as critical. This issue affects the function get_info/get_country_coor of the file server/index.php. The manipulation leads to SQL injection. The identifier of the patch is 759c30b0ddd7d493836bbdf695cf71624b377391. It is...
CVE-2021-4313 NethServer phonenehome index.php get_country_coor sql injection
A vulnerability was found in NethServer phonenehome. It has been rated as critical. This issue affects the function get_info/get_country_coor of the file server/index.php. The manipulation leads to SQL injection. The identifier of the patch is 759c30b0ddd7d493836bbdf695cf71624b377391. It is...
CVE-2021-4313
Affected software: NethServer phonenehome. Vulnerability: SQL injection in the functions get_info/get_country_coor within file server/index.php. Root cause / details: manipulation leads to SQL injection; described across multiple sources for CVE-2021-4313 with critical severity. Impact (as stated...
NethServer nethserver-phonenehome SQL Injection Vulnerability
nethserver-phonenehome is an open source application for NethServer. It is used to track all NethServer installations worldwide. NethServer nethserver-phonenehome suffers from a SQL injection vulnerability that originates from a security issue in the function get_info/get_country_coor in the file...
ccis-nethserver.ccis.ch Improper Access Control vulnerability OBB-1224894
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
NethServer 7.3.1611 (create.json) CSRF Create User And Enable SSH Access
Description The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Vendor...
NethServer 7.3.1611 (Upload.json) CSRF Script Insertion Vulnerability
Description NethServer suffers from an authenticated stored XSS vulnerability. Input passed to the 'BackupConfigUploadDescription' POST parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser sessio...
NethServer 7.3.1611 - Cross-Site Request Forgery / Cross-Site Scripting Vulnerabilities
Exploit for jsp platform in category web applications NethServer 7.3.1611 Upload.json CSRF Script Insertion Vulnerability Vendor: NethServer.org Product web page: https://www.nethserver.org Affected version: 7.3.1611-u1-x8664 Summary: NethServer is an operating system for the Linux enthusiast,...
NethServer 7.3.1611 (Upload.json) CSRF Script Insertion Vulnerability
Summary NethServer is an operating system for the Linux enthusiast, designed for small offices and medium enterprises. It's simple, secure and flexible. Description NethServer suffers from an authenticated stored XSS vulnerability. Input passed to the 'BackupConfigUploadDescription' POST paramete...