7656 matches found
CVE-2020-15597
SOPlanning 1.46.01 allows persistent XSS via the Project Name, Statutes Comment, Places Comment, or Resources Comment field...
Cross site scripting
SOPlanning 1.46.01 allows persistent XSS via the Project Name, Statutes Comment, Places Comment, or Resources Comment field...
CVE-2020-15597
CVE-2020-15597 affects SOPlanning prior to or at version 1.46.01, where persistent XSS is possible through input fields Project Name, Statutes Comment, Places Comment, or Resources Comment due to insufficient input validation. The vulnerability is described across multiple sources (NVD, Red Hat a...
Lindy 42633 Cross-Site Scripting Vulnerability
The Lindy 42633 is a 4-port USB 2.0 Gigabit network server. A persistent cross-site scripting vulnerability exists in Lindy 42633 2.078.000. An attacker can exploit this vulnerability via a specially crafted server name to conduct cross-site scripting attacks...
CVE-2020-15060
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...
CVE-2020-15056
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...
Cross site scripting
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name...
CVE-2020-15056
CVE-2020-15056 affects TP-Link TL-PS310U USB Network Server devices up to version 2.079.000.t0210. The affected function is the server name setting under administrative privileges, allowing an attacker on the same network to perform persistent cross-site scripting via a crafted server name. The vulne...
Car Rental Management System 1.0 Cross Site Scripting
Exploit Title: Car Rental Management System v1.0 - Unauthenticated Persistent XSS Session Harvester Exploit Author: Bobby Cooke Date: August 6, 2020 Vendor Homepage: https://projectworlds.in Software Link: https://github.com/projectworlds32/Car-Rental-Syatem-PHP-MYSQL/archive/master.zip Version:...
Daily Expenses Management System 1.0 Cross Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: Daily Expenses Management System 1.0 - Cross-Site Request Forgery Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html Software Link:...
Daily Expenses Management System 1.0 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Daily Expenses Management System 1.0 - Multiple Persistent Cross-Site Scripting Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html Software Link:...
CVE-2020-15944
An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira. Due to missing validation of user input, it is vulnerable to a persistent XSS attack. An attacker can embed the attack vectors in the dashboard of other users. To exploit this vulnerability, an attacker has to be authenticat...
Input validation
An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira. Due to missing validation of user input, it is vulnerable to a persistent XSS attack. An attacker can embed the attack vectors in the dashboard of other users. To exploit this vulnerability, an attacker has to be authenticat...
US Government Warns of a New Strain of Chinese 'Taidoor' Virus
Intelligence agencies in the US have released information about a new variant of a 12-year-old computer virus used by China's state-sponsored hackers targeting governments, corporations, and think tanks. Named "Taidoor," the malware has done an 'excellent' job of compromising systems as early as...
Car Rental Management System 1.0 Cross Site Scripting
Exploit Title: Car Rental Management System v1.0 - Persistent Cross-Site Scripting Unauthenticated Exploit Author: Adeeb Shah @hyd3sec Date: August 3, 2020 Vendor Homepage: https://projectsworld.in/ Software Link:...
GRUB2 Boothole Buffer Overflow Vulnerability (CVE-2020-10713) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR®
On July 29, 2020, Eclypsium researchers disclosed a high-risk vulnerability in GRUB2 (GRand Unified Bootloader version 2) affecting billions of Linux and Windows systems, even when secure boot is enabled. CVE-2020-10713 is assigned to this buffer overflow vulnerability, termed “Boothole”...