24 matches found
CVE-2023-40617
A reflected cross-site scripting XSS vulnerability in OpenKnowledgeMaps Head Start 7 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'file' parameter in 'displayPDF.php'...
CVE-2023-40618
A reflected cross-site scripting XSS vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in...
EUVD-2023-45173
Malicious code in bioql PyPI...
EUVD-2023-45174
Malicious code in bioql PyPI...
CVE-2024-51392
An issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via the url parameter of the getPDF.php component...
CVE-2024-51392
An issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via the url parameter of the getPDF.php component...
CVE-2024-51392
An issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via the url parameter of the getPDF.php component...
CVE-2024-51392
An issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via the url parameter of the getPDF.php component...
PT-2025-23180 · Unknown · Openknowledgemaps Head Start
Name of the Vulnerable Software and Affected Versions: OpenKnowledgeMaps Headstart version 7 Description: An issue in OpenKnowledgeMaps Headstart allows a remote attacker to escalate privileges via the url parameter of the "getPDF.php" component. Recommendations: For OpenKnowledgeMaps Headstart...
CVE-2024-51392
An issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via the url parameter of the getPDF.php component...
CVE-2024-51392
CVE-2024-51392 affects OpenKnowledgeMaps Headstart v7. The vulnerability stems from improper handling of the url parameter in getPDF.php , allowing a remote attacker to achieve privilege escalation . Reported CVSSv3.1 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (base 8.8). Connected sources ident...
CVE-2023-40618
A reflected cross-site scripting XSS vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in...
CVE-2023-40618
A reflected cross-site scripting XSS vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in...
CVE-2023-40618
A reflected cross-site scripting XSS vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in...
Cross site scripting
A reflected cross-site scripting XSS vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in...
CVE-2023-40618
A reflected cross-site scripting XSS vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in...
CVE-2023-40618
A reflected cross-site scripting XSS vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in...
CVE-2023-40618
CVE-2023-40618 is a reflected XSS affecting OpenKnowledgeMaps Head Start (versions 4–7) and Visual Project Explorer 1.0. The vulnerability arises from handling of the ‘service’ parameter in the headstart_snapshot.php endpoint, allowing remote attackers to inject JavaScript into a user session. Do...
PT-2023-27543 · Openknowledgemaps · Openknowledgemaps Head Start
Name of the Vulnerable Software and Affected Versions: OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 Visual Project Explorer version 1.0 Description: A reflected cross-site scripting XSS issue allows remote attackers to execute arbitrary JavaScript in the web browser of a user. This is achieve...
CVE-2023-40617
A reflected cross-site scripting XSS vulnerability in OpenKnowledgeMaps Head Start 7 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'file' parameter in 'displayPDF.php'...