Lucene search
K

251 matches found

Vulnrichment
Vulnrichment
added 2025/11/06 2:51 p.m.4 views

CVE-2025-11956 XSS in Proliz's OBS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Proliz Software Ltd. Co. OBS Student Affairs Information System allows Stored XSS. This issue affects OBS Student Affairs Information System: before 25.0401...

8.9CVSS5.8AI score0.00246EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/06 2:51 p.m.9 views

CVE-2025-11956 XSS in Proliz's OBS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Proliz Software Ltd. Co. OBS Student Affairs Information System allows Stored XSS. This issue affects OBS Student Affairs Information System: before 25.0401...

8.9CVSS0.00246EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/10/23 8:36 a.m.4 views

CVE-2025-10914

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Proliz Software Ltd. Co. OBS Student Affairs Information System allows Reflected XSS. This issue affects OBS Student Affairs Information System: before V26.0401...

7.6CVSS5.5AI score0.00235EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/23 8:36 a.m.3 views

CVE-2025-10914 Reflected XSS in Proliz's OBS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Proliz Software Ltd. Co. OBS Student Affairs Information System allows Reflected XSS. This issue affects OBS Student Affairs Information System: before V26.0401...

7.6CVSS5.4AI score0.00235EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/23 8:36 a.m.11 views

CVE-2025-10914 Reflected XSS in Proliz's OBS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Proliz Software Ltd. Co. OBS Student Affairs Information System allows Reflected XSS. This issue affects OBS Student Affairs Information System: before V26.0401...

7.6CVSS0.00235EPSS
Exploits0References2
CVE
CVE
added 2025/10/23 8:36 a.m.12 views

CVE-2025-10914

CVE-2025-10914 is a Reflected XSS vulnerability in Proliz Software Ltd. Co. OBS (Student Affairs Information System) prior to version V26.0401, caused by improper input neutralization during web page generation. Affected component is OBS web rendering where user-supplied input can be reflected in...

7.6CVSS5.4AI score0.00235EPSS
Exploits0References2
OSV
OSV
added 2025/10/16 8:15 a.m.4 views

CVE-2025-41021

Stored Cross-Site Scripting XSS in Sergestec's Exito v8.0, consisting of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'obs' parameter in '/admin/index.php?action=productupdate'. This vulnerability could allow a remote user to send a specially...

5.4CVSS5.9AI score0.00251EPSS
Exploits0References1
NVD
NVD
added 2025/10/16 8:15 a.m.6 views

CVE-2025-41021

Stored Cross-Site Scripting XSS in Sergestec's Exito v8.0, consisting of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'obs' parameter in '/admin/index.php?action=productupdate'. This vulnerability could allow a remote user to send a specially...

5.4CVSS0.00251EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/16 8:0 a.m.3 views

CVE-2025-41021 Stored Cross-Site Scripting (XSS) vulnerability in Sergestec's Exito

Stored Cross-Site Scripting XSS in Sergestec's Exito v8.0, consisting of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'obs' parameter in '/admin/index.php?action=productupdate'. This vulnerability could allow a remote user to send a specially...

5.1CVSS4.6AI score0.00251EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/16 8:0 a.m.11 views

CVE-2025-41021 Stored Cross-Site Scripting (XSS) vulnerability in Sergestec's Exito

Stored Cross-Site Scripting XSS in Sergestec's Exito v8.0, consisting of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'obs' parameter in '/admin/index.php?action=productupdate'. This vulnerability could allow a remote user to send a specially...

5.1CVSS0.00251EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/16 8:0 a.m.6 views

EUVD-2025-34732

Stored Cross-Site Scripting XSS in Sergestec's Exito v8.0, consisting of a stored XSS due to a lack of proper validation of user input by sending a POST request using the 'obs' parameter in '/admin/index.php?action=productupdate'. This vulnerability could allow a remote user to send a specially...

5.1CVSS4.5AI score0.00251EPSS
Exploits0References2
CVE
CVE
added 2025/10/16 8:0 a.m.12 views

CVE-2025-41021

The CVE-2025-41021 entry describes a Stored Cross-Site Scripting (XSS) in Sergestec’s Exito v8.0. The root cause is lack of proper validation of user input in a POST to /admin/index.php?action=product_update via the obs parameter, enabling a stored XSS payload. Impact stated includes the possibil...

5.4CVSS4.6AI score0.00251EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/10/16 12:0 a.m.4 views

Sergestec Exito 跨站脚本漏洞

Sergestec Exito is a sales platform from Sergestec, Inc. A cross-site scripting vulnerability exists in Sergestec Exito version v8.0, which stems from insufficient validation of user input for the parameter obs in the file /admin/index.php, which could lead to a stored cross-site scripting attack...

5.4CVSS5.8AI score0.00251EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-3761

Malware in sbrugna...

8.8CVSS8.6AI score0.01091EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-18210

Malware in sbrugna...

9.3CVSS7.7AI score0.02326EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-5592

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00552EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-51651

Malicious code in bioql PyPI...

4.5CVSS5AI score0.00199EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-23949

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00337EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-5602

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00386EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-19637

Malicious code in bioql PyPI...

6.3CVSS6.6AI score0.00879EPSS
Exploits0References1
Rows per page
Query Builder