24 matches found
EUVD-2022-4577
Malicious code in bioql PyPI...
EUVD-2024-16217
Malicious code in bioql PyPI...
CVE-2024-0422
A vulnerability was found in CodeAstro POS and Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /newitem of the component New Item Creation Page. The manipulation of the argument newitem leads to cross sit...
Akaunting 3.1.8 - Server-Side Template Injection (SSTI) Vulnerability
Exploit Title: Akaunting 3.1.8 - Server-Side Template Injection SSTI Exploit Author: tmrswrr Vendor: https://akaunting.com/forum Software Link: https://akaunting.com/apps/crm Vulnerable Versions: 3.1.8 Tested : https://www.softaculous.com/apps/erp/Akaunting 1 Login with admin cred and go to : Ite...
Akaunting 3.1.8 - Server-Side Template Injection (SSTI)
Exploit Title: Akaunting 3.1.8 - Server-Side Template Injection SSTI Exploit Author: tmrswrr Date: 30/05/2024 Vendor: https://akaunting.com/forum Software Link: https://akaunting.com/apps/crm Vulnerable Versions: 3.1.8 Tested : https://www.softaculous.com/apps/erp/Akaunting 1 Login with admin cre...
Inventory Management System Cross-Site Scripting Vulnerability
Inventory Management System is an inventory management system. A cross-site scripting vulnerability exists in Inventory Management System version 1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the parameter newitem in the component New Item Creation...
CVE-2024-0422
A vulnerability was found in CodeAstro POS and Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /newitem of the component New Item Creation Page. The manipulation of the argument newitem leads to cross sit...
Cross site scripting
A vulnerability was found in CodeAstro POS and Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /newitem of the component New Item Creation Page. The manipulation of the argument newitem leads to cross sit...
CVE-2024-0422 CodeAstro POS and Inventory Management System New Item Creation Page new_item cross site scripting
A vulnerability was found in CodeAstro POS and Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /newitem of the component New Item Creation Page. The manipulation of the argument newitem leads to cross sit...
CVE-2024-0422 CodeAstro POS and Inventory Management System New Item Creation Page new_item cross site scripting
A vulnerability was found in CodeAstro POS and Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /newitem of the component New Item Creation Page. The manipulation of the argument newitem leads to cross sit...
Inventory Management System Cross-Site Scripting Vulnerability
Inventory Management System is an inventory management system. A cross-site scripting vulnerability exists in Inventory Management System version 1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the parameter newitem in the component New Item Creation...
GHSA-MJ7Q-CMF3-MG7H Stored XSS vulnerability in Jenkins on new item page
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape display names and IDs of item types shown on the New Item page. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to specify display names or IDs of item types. As of the publication of...
Stored XSS vulnerability in Jenkins on new item page
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape display names and IDs of item types shown on the New Item page. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to specify display names or IDs of item types. As of the publication of...
jenkins: Stored XSS vulnerability on new item page
A flaw was found in jenkins. A cross-site scripting (XSS) vulnerability is possible due to display names and IDs of item types shown on the New Item page not being properly escaped. The highest threat from this vulnerability is to data confidentiality and integrity...
jenkins: Stored XSS vulnerability on new item page
A flaw was found in jenkins. A cross-site scripting (XSS) vulnerability is possible due to display names and IDs of item types shown on the New Item page not being properly escaped. The highest threat from this vulnerability is to data confidentiality and integrity...
jenkins: Stored XSS vulnerability on new item page
A flaw was found in jenkins. A cross-site scripting (XSS) vulnerability is possible due to display names and IDs of item types shown on the New Item page not being properly escaped. The highest threat from this vulnerability is to data confidentiality and integrity...
Cross-Site Scripting (XSS)
Jenkins is vulnerable to cross-site scripting. The vulnerability existed because it does not escape display names and IDs of item types shown on the New Item page...
Cross site scripting
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape display names and IDs of item types shown on the New Item page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to specify display names or IDs of item types...
PT-2021-14654 · Jenkins · Jenkins
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.274 and earlier, LTS versions 2.263.1 and earlier Description: The issue results in a stored cross-site scripting (XSS) vulnerability, which is exploitable by attackers able to specify display names or IDs of item types shown...
Bottelet Daybyday Crm Cross-Site Scripting Vulnerability
Bottelet Daybyday Crm is a website builder for task, time, employee, and vacation management by Bottelet Personal Developers. A cross-site scripting vulnerability exists in Daybyday 2.1.0 that allows storing XSS to the New Item screen via the title parameter...