14 matches found
EUVD-2024-53102
Malicious code in bioql PyPI...
REDCap Cross-Site Scripting Vulnerability
REDCap is a data collection and management web application from the REDCap open source. A cross-site scripting vulnerability exists in REDCap version 13.1.9, which stems from a stored cross-site scripting vulnerability in the Project Dashboard, and could lead to an authenticated user executing...
CVE-2024-56312
A stored cross-site scripting (XSS) vulnerability in the Project Dashboard name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project Dashboard. When a user clicks on the project Dashboard name, the crafted payload is executed, potentially...
CVE-2019-0399
SAP Portfolio and Project Management, before versions S4CORE 102, 103, EPPM 100 and CPRXRPM 500702, 600740, 610740; unintentionally allows a user to discover accounting information of the Projects in Project dashboard, leading to Information Disclosure...
CVE-2024-56312
A stored cross-site scripting (XSS) vulnerability in the Project Dashboard name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project Dashboard. When a user clicks on the project Dashboard name, the crafted payload is executed, potentially...
CVE-2024-56312
A stored cross-site scripting (XSS) vulnerability in the Project Dashboard name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project Dashboard. When a user clicks on the project Dashboard name, the crafted payload is executed, potentially...
CVE-2024-56312
A stored cross-site scripting (XSS) vulnerability in the Project Dashboard name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project Dashboard. When a user clicks on the project Dashboard name, the crafted payload is executed, potentially...
REDCap Security Vulnerability
REDCap is a data collection and management web application from REDCap Open Source. A security vulnerability exists in REDCap 15.0.0 and earlier versions, which stems from a lack of cross-site request forgery protection in the logout functionality, which allows an attacker to trigger a logout...
PT-2024-36783 · Redcap · Redcap
Name of the Vulnerable Software and Affected Versions: REDCap versions prior to 15.0.0 Description: A stored cross-site scripting (XSS) vulnerability in the Project Dashboard name of REDCap allows authenticated users to inject malicious scripts into the name field of a Project Dashboard. When a use...
CVE-2024-56312
A stored cross-site scripting (XSS) vulnerability in the Project Dashboard name of REDCap through 14.9.6 allows authenticated users to inject malicious scripts into the name field of a Project Dashboard. When a user clicks on the project Dashboard name, the crafted payload is executed, potentially...
CVE-2024-56312
Summary: CVE-2024-56312 is a stored XSS vulnerability in REDCap’s Project Dashboard name field (affected up to version 14.9.6). An authenticated user can inject malicious scripts that execute when the Dashboard name is clicked. The issue stems from insufficient input validation in the name field ...
Alfresco 5.2.4 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link:...
Information disclosure
SAP Portfolio and Project Management, before versions S4CORE 102, 103, EPPM 100 and CPRXRPM 500702, 600740, 610740; unintentionally allows a user to discover accounting information of the Projects in Project dashboard, leading to Information Disclosure...
CVE-2019-0399
SAP Portfolio and Project Management, before versions S4CORE 102, 103, EPPM 100 and CPRXRPM 500702, 600740, 610740; unintentionally allows a user to discover accounting information of the Projects in Project dashboard, leading to Information Disclosure...