24 matches found
EUVD-2018-8216
Malware in sbrugna...
EUVD-2024-28870
Malicious code in bioql PyPI...
CVE-2024-30952
A stored cross-site scripting XSS vulnerability in PESCMS-TEAM v2.3.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the domain input field under /youdoamin/?g=Team=Setting=action...
CVE-2020-28092
PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team=Task=my=3=,?g=Team=Task=my=0=,?g=Team=Task=my=1=,?g=Team=Task=my=10=...
CVE-2024-30952
A stored cross-site scripting XSS vulnerability in PESCMS-TEAM v2.3.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the domain input field under /youdoamin/?g=Team&m=Setting&a=action...
CVE-2024-30952
A stored cross-site scripting XSS vulnerability in PESCMS-TEAM v2.3.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the domain input field under /youdoamin/?g=Team&m=Setting&a=action...
CVE-2024-30952
PESCMS-TEAM v2.3.6 contains a stored XSS vulnerability exploitable via a crafted payload in the domain input field at /youdoamin/?g=Team&m=Setting&a=action. Affected component: domain input handling in the API endpoint; impact: execution of arbitrary web scripts/HTML. Some sources mention a tempo...
PESCMS TEAM 2.3.2 - Multiple Reflected XSS
Exploit Title: PESCMS TEAM 2.3.2 - Multiple Reflected XSS Date: 2020-11-18 Exploit Author: icekam Vendor Homepage: https://www.pescms.com/ Software Link: https://github.com/lazyphp/PESCMS-TEAM Version: PESCMS Team 2.3.2 CVE: CVE-2020-28092 PESCMS Team 2.3.2 has multiple reflected XSS via the id...
PESCMS TEAM 2.3.2 Cross Site Scripting
Exploit Title: PESCMS TEAM 2.3.2 - Multiple Reflected XSS Date: 2020-11-18 Exploit Author: icekam Vendor Homepage: https://www.pescms.com/ Software Link: https://github.com/lazyphp/PESCMS-TEAM Version: PESCMS Team 2.3.2 CVE: CVE-2020-28092 PESCMS Team 2.3.2 has multiple reflected XSS via the id...
PESCMS Team Cross-Site Scripting Vulnerability
PESCMS TEAM is an open source team task management system under the GPLv2 license. a cross-site scripting vulnerability exists in PESCMS Team 2.3.2. An attacker can exploit this vulnerability to conduct cross-site scripting attacks...
CVE-2020-28092
PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Task&a=my&status=10&id=...
CVE-2020-28092
PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Task&a=my&status=10&id=...
Cross site scripting
PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Task&a=my&status=10&id=...
CVE-2020-28092
PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Task&a=my&status=10&id=...
CVE-2020-28092
CVE-2020-28092 affects PESCMS Team 2.3.2 and manifests as multiple reflected XSS via the id parameter in endpoints like ?g=Team&m=Task&a=my&status=...&id= across several pages. Public references (Exploit-DB, Red Hat, CNVD, NVD, OSV, PRION, Pack et al.) corroborate the vulnerability, with exploit ...
Lazyphp Pescms Team 跨站脚本漏洞
PESCMS TEAM is an open source team task management system under the GPLv2 license. a cross-site scripting vulnerability exists in PESCMS Team 2.3.2. An attacker can exploit this vulnerability to conduct cross-site scripting attacks...
Code injection
In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive...
CVE-2018-16371
PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=Usergroup&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=...
CVE-2018-16371
PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=Usergroup&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=...
CVE-2018-16370
In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive...