34 matches found
EUVD-2017-8864
Malware in sbrugna...
EUVD-2017-8865
Malware in sbrugna...
EUVD-2010-3762
Malware in sbrugna...
EUVD-2023-30905
Malicious code in bioql PyPI...
CVE-2023-27121
A cross-site scripting XSS vulnerability in the component /framework/cron/action/humanize of Pleasant Solutions Pleasant Password Server v7.11.41.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cronString parameter...
CVE-2023-27121
A cross-site scripting XSS vulnerability in the component /framework/cron/action/humanize of Pleasant Solutions Pleasant Password Server v7.11.41.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cronString parameter...
CVE-2023-27121
A cross-site scripting XSS vulnerability in the component /framework/cron/action/humanize of Pleasant Solutions Pleasant Password Server v7.11.41.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cronString parameter...
Cross site scripting
A cross-site scripting XSS vulnerability in the component /framework/cron/action/humanize of Pleasant Solutions Pleasant Password Server v7.11.41.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cronString parameter...
Pleasant Solutions Pleasant Password Server Cross-Site Scripting Vulnerability
Pleasant Solutions Pleasant Password Server is a proprietary multi-user enterprise password server from Pleasant Solutions. A security vulnerability exists in Pleasant Solutions Pleasant Password Server version v7.11.41.0, which originates from a cross-site scripting XSS vulnerability in the...
CVE-2023-27121
A cross-site scripting XSS vulnerability in the component /framework/cron/action/humanize of Pleasant Solutions Pleasant Password Server v7.11.41.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cronString parameter...
CVE-2023-27121
CVE-2023-27121 describes an XSS vulnerability in Pleasant Solutions Pleasant Password Server v7.11.41.0, arising from the /framework/cron/action/humanize component when a crafted payload is injected into the cronString parameter. Affected software is Pleasant Password Server; the vulnerable code ...
PT-2023-20966 · Unknown · Pleasant Password Server
Name of the Vulnerable Software and Affected Versions: Pleasant Password Server version 7.11.41.0 Description: A cross-site scripting XSS issue exists in the /framework/cron/action/humanize component, allowing attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into...
CVE-2017-17708
Because of insufficient authorization checks it is possible for any authenticated user to change profile data of other users in Pleasant Password Server before 7.8.3...
CVE-2017-17707
Due to missing authorization checks, any authenticated user is able to list, upload, or delete attachments to password safe entries in Pleasant Password Server before 7.8.3. To perform those actions on an entry, the user needs to know the corresponding "CredentialId" value, which uniquely...
CVE-2017-17708
Because of insufficient authorization checks it is possible for any authenticated user to change profile data of other users in Pleasant Password Server before 7.8.3...
Authorization
Because of insufficient authorization checks it is possible for any authenticated user to change profile data of other users in Pleasant Password Server before 7.8.3...
CVE-2017-17707
Due to missing authorization checks, any authenticated user is able to list, upload, or delete attachments to password safe entries in Pleasant Password Server before 7.8.3. To perform those actions on an entry, the user needs to know the corresponding "CredentialId" value, which uniquely...
CVE-2017-17708
Affected software: Pleasant Password Server (before version 7.8.3).Root cause: Insufficient authorization checks allowing a logged-in user to modify other users’ profile data.Impact: Any authenticated user can change profile data of other users; no confidentiality impact, but integrity of user pr...
CVE-2017-17707
The vulnerability CVE-2017-17707 affects Pleasant Password Server prior to version 7.8.3. Due to missing authorization checks, any authenticated user can list, upload, or delete attachments to password safe entries if they know the corresponding CredentialId (a GUID). Exposure can occur when an e...
CVE-2017-17708
Because of insufficient authorization checks it is possible for any authenticated user to change profile data of other users in Pleasant Password Server before 7.8.3...