21 matches found
EUVD-2025-178023
Malicious code in long-new-report-analyze-permission npm...
CVE-2025-6452
A vulnerability was found in CodeAstro Patient Record Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Generate New Report Page. The manipulation of the argument Patient Name/Name leads to cross site scripting. The attack may be...
CVE-2025-6452 CodeAstro Patient Record Management System Generate New Report Page cross site scripting
A vulnerability was found in CodeAstro Patient Record Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Generate New Report Page. The manipulation of the argument Patient Name/Name leads to cross site scripting. The attack may be...
CVE-2025-6452 CodeAstro Patient Record Management System Generate New Report Page cross site scripting
A vulnerability was found in CodeAstro Patient Record Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Generate New Report Page. The manipulation of the argument Patient Name/Name leads to cross site scripting. The attack may be...
PT-2025-26538 · Unknown · Codeastro Patient Record Management System
Name of the Vulnerable Software and Affected Versions: CodeAstro Patient Record Management System version 1.0 Description: A vulnerability was found in the CodeAstro Patient Record Management System. This issue affects some unknown processing of the component Generate New Report Page. The...
CVE-2025-29923
creationtimestamp| type| source
---|---|---
2025-03-20 18:20:44+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8247
2025-03-20 21:04:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lktlxbicuc2m
2025-03-20 21:35:07+00:00| seen|...
CVE-2024-7570
creationtimestamp| type| source
---|---|---
2024-08-13 22:08:56+00:00| seen| https://t.me/cvedetector/3076
2024-08-14 09:24:16+00:00| seen| https://t.me/HackingInsights/9817
2024-08-15 14:00:07+00:00| seen| https://t.me/truesecator/6097
2025-05-13 16:05:17+00:00| seen|...
Unveiling Nebula's Report 2.0: A new approach to security reporting
We're excited to announce Report 2.0, a major upgrade to our report system in Nebula. Report 2.0 is not just a cosmetic touch up--it's a completely revamped security reporting solution designed to cater to your diverse business requirements, allowing for a more dynamic, data-driven approach to IT...
GitLab Cross-Site Scripting Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD (Continuous Integration and Continuous Delivery), and other features. A security vulnerability exists in GitLab CE/EE, which stems from a possible...
SUSE CVE-2021-26349
Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA)...
CVE-2021-26349
Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA)...
CVE-2021-26349
Failure to assign a new report ID to an imported guest may potentially result in an SEV-SNP guest VM being tricked into trusting a dishonest Migration Agent (MA)...
Google Sees State-Sponsored Hackers Ramping Up Coronavirus Attacks
More than 12 government-backed groups are using the pandemic as cover for digital reconnaissance and espionage, according to a new report...
Pentagon Weapons Systems Are Easy Cyberattack Targets, New Report Finds
A new report says the Department of Defense "likely has an entire generation of systems that were designed and built without adequately considering cybersecurity."...
Nagios XI Cross-Site Scripting Vulnerability (CNVD-2018-09053)
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A cross-site scripting vulnerability exists in the Schedule New Report page in Nagios XI version 5.4.13,...
CVE-2018-10554
An issue was discovered in Nagios XI 5.4.13. There is XSS exploitable via CSRF in (1) the Schedule New Report screen via the hour, minute, or ampm parameter, related to components/scheduledreporting; (2) includes/components/xicore/downtime.php, related to the updatepages function; (3) the ajaxhelper.ph...
Cross site request forgery (csrf)
An issue was discovered in Nagios XI 5.4.13. There is XSS exploitable via CSRF in (1) the Schedule New Report screen via the hour, minute, or ampm parameter, related to components/scheduledreporting; (2) includes/components/xicore/downtime.php, related to the updatepages function; (3) the ajaxhelper.ph...
CVE-2018-10554
An issue was discovered in Nagios XI 5.4.13. There is XSS exploitable via CSRF in (1) the Schedule New Report screen via the hour, minute, or ampm parameter, related to components/scheduledreporting; (2) includes/components/xicore/downtime.php, related to the updatepages function; (3) the ajaxhelper.ph...
CVE-2018-10554
An issue was discovered in Nagios XI 5.4.13. There is XSS exploitable via CSRF in (1) the Schedule New Report screen via the hour, minute, or ampm parameter, related to components/scheduledreporting; (2) includes/components/xicore/downtime.php, related to the updatepages function; (3) the ajaxhelper.ph...
HackerOne: Previous attachments can be referenced when creating a new report
Hello, when a user uploads a file in a comment to a report, the user can find the file ID in two ways: 1. In preview mode - in response to the POST method https://hackerone.com/attachments, the answer will be something like this: -"id":84577,"name":"mytestfile.png","size":32397 where fileID = 84577, for example. 2. If user...