Lucene search
+L

8 matches found

RedhatCVE
RedhatCVE
added 2025/04/16 2:50 p.m.13 views

CVE-2024-49705

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to client-side Denial of Servise DoS attacks. An attacker might trick a user into using an URL with a d parameter set to an unhandled value. All the subsequent requests will not be accepted as the server returns an error...

5.3CVSS6AI score0.00307EPSS
Exploits0References1
NVD
NVD
added 2025/04/14 12:15 p.m.23 views

CVE-2024-49706

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0...

6.1CVSS0.00307EPSS
Exploits0References2
NVD
NVD
added 2025/04/14 12:15 p.m.20 views

CVE-2024-49708

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Stored XSS Cross-site Scripting attacks. An attacker might trick a user into filling a form designed for setting delivery address with a malicious script, what causes the script to run in user's context. This vulnerability...

5.4CVSS0.00212EPSS
Exploits0References2
NVD
NVD
added 2025/04/14 12:15 p.m.11 views

CVE-2024-10090

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS Cross-site Scripting attacks. An attacker might trick a user into filling a form designed for adding users with a malicious script, what causes the script to run in user's context. This vulnerability has been...

6.1CVSS0.0023EPSS
Exploits0References2
NVD
NVD
added 2025/04/14 12:15 p.m.27 views

CVE-2024-13598

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS Cross-site Scripting attacks. Using a functionality of creating new form fields one creates new parameters vulnerable to XSS attacks. A user tricked into filling such a form with a malicious script will run th...

6.1CVSS0.0023EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/14 12:5 p.m.24 views

CVE-2024-49705 XSS in iKSORIS

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to client-side Denial of Servise DoS attacks. An attacker might trick a user into using an URL with a d parameter set to an unhandled value. All the subsequent requests will not be accepted as the server returns an error...

5.3CVSS0.00307EPSS
Exploits0References2
CVE
CVE
added 2025/04/14 12:5 p.m.84 views

CVE-2024-13598

Internet Starter, a module of SoftCOM iKSORIS, is vulnerable to Reflected XSS via the form-field creation feature that adds new parameters. The vulnerability could allow an attacker to execute script in the victim’s browser context when a user submits a crafted form. The issue is addressed in ver...

6.1CVSS5.9AI score0.0023EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/04/14 12:4 p.m.77 views

CVE-2024-13597

Technical details for CVE-2024-13597 are not publicly available in the provided documents. Monitor for updates from official sources; current materials only mention a Reflected XSS in Internet Starter and patch in v79.0.

5.1CVSS5.7AI score0.00389EPSS
Exploits0References2
Rows per page
Query Builder