981 matches found
CVE-2022-4869 Evolution Events Artaxerxes POST Parameter middleware.py information disclosure
A vulnerability was found in Evolution Events Artaxerxes. It has been declared as problematic. This vulnerability affects unknown code of the file arta/common/middleware.py of the component POST Parameter Handler. The manipulation of the argument password leads to information disclosure. The atta...
CVE-2021-4247
A vulnerability has been found in OWASP NodeGoat and classified as problematic. This vulnerability affects unknown code of the file app/routes/research.js of the component Query Parameter Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The name of the...
CVE-2021-4247
A vulnerability has been found in OWASP NodeGoat and classified as problematic. This vulnerability affects unknown code of the file app/routes/research.js of the component Query Parameter Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The name of the...
Design/Logic Flaw
A vulnerability has been found in OWASP NodeGoat and classified as problematic. This vulnerability affects unknown code of the file app/routes/research.js of the component Query Parameter Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The name of the...
CVE-2021-4247 OWASP NodeGoat Query Parameter research.js denial of service
A vulnerability has been found in OWASP NodeGoat and classified as problematic. This vulnerability affects unknown code of the file app/routes/research.js of the component Query Parameter Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The name of the...
OWASP NodeGoat 安全漏洞
OWASP NodeGoat is a project of the OWASP Foundation in the United States. It provides an environment to learn how the OWASP Top 10 security risks apply to web applications developed using Node. OWASP NodeGoat suffers from a security vulnerability that results in a denial of service due to unknown...
CVE-2021-4247 OWASP NodeGoat Query Parameter research.js denial of service
A vulnerability has been found in OWASP NodeGoat and classified as problematic. This vulnerability affects unknown code of the file app/routes/research.js of the component Query Parameter Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The name of the...
PT-2022-11599 · Owasp · Owasp Nodegoat
Name of the Vulnerable Software and Affected Versions: OWASP NodeGoat affected versions not specified Description: A problematic issue has been found in the Query Parameter Handler component, specifically affecting the file app/routes/research.js. This issue leads to denial of service and can be...
CVE-2022-4591
A vulnerability was found in mschaef toto up to 1.4.20. It has been declared as problematic. This vulnerability affects unknown code of the component Email Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.21 is able ...
CVE-2022-4591
A vulnerability was found in mschaef toto up to 1.4.20. It has been declared as problematic. This vulnerability affects unknown code of the component Email Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.21 is able ...
CVE-2022-4591
CVE-2022-4591 affects mschaef toto up to version 1.4.20, where the Email Parameter Handler component allows cross-site scripting. The vulnerability can be triggered remotely and is described as problematic with the root cause tied to unknown code in the Email Parameter Handler; upgrading to 1.4.2...
CVE-2022-4591 mschaef toto Email Parameter cross site scripting
A vulnerability was found in mschaef toto up to 1.4.20. It has been declared as problematic. This vulnerability affects unknown code of the component Email Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.21 is able ...
PT-2022-27679 · Unknown · Mschaef Toto
Name of the Vulnerable Software and Affected Versions: mschaef toto versions up to 1.4.20 Description: A vulnerability was found in the Email Parameter Handler component, which can be exploited to lead to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.21 is...
CVE-2022-4591 mschaef toto Email Parameter cross site scripting
A vulnerability was found in mschaef toto up to 1.4.20. It has been declared as problematic. This vulnerability affects unknown code of the component Email Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.21 is able ...
CVE-2022-4561 SemanticDrilldown Extension GET Parameter SDBrowseDataPage.php printFilterLine cross site scripting
A vulnerability classified as problematic has been found in SemanticDrilldown Extension. Affected is the function printFilterLine of the file includes/specials/SDBrowseDataPage.php of the component GET Parameter Handler. The manipulation of the argument value leads to cross site scripting. It is...
CVE-2022-4521
A vulnerability classified as problematic has been found in WSO2 carbon-registry up to 4.8.6. This affects an unknown part of the component Request Parameter Handler. The manipulation of the argument parentPath/path/username/path/profilemenu leads to cross site scripting. It is possible to initia...
CVE-2022-4521 WSO2 carbon-registry Request Parameter cross site scripting
A vulnerability classified as problematic has been found in WSO2 carbon-registry up to 4.8.6. This affects an unknown part of the component Request Parameter Handler. The manipulation of the argument parentPath/path/username/path/profilemenu leads to cross site scripting. It is possible to initia...
CVE-2022-4257
A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This issue affects some unknown processing of the file cgi-bin/jumpto.php of the component GET Parameter Handler. The manipulation of the argument hostname leads to argument injection. The attack may be...
Design/Logic Flaw
A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This issue affects some unknown processing of the file cgi-bin/jumpto.php of the component GET Parameter Handler. The manipulation of the argument hostname leads to argument injection. The attack may be...
CVE-2022-4257
A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This issue affects some unknown processing of the file cgi-bin/jumpto.php of the component GET Parameter Handler. The manipulation of the argument hostname leads to argument injection. The attack may be...