Lucene search
K

10 matches found

Cvelist
Cvelist
added 2026/04/05 8:45 p.m.21 views

CVE-2019-25659 ASPRunner Professional 6.0.766 Local Buffer Overflow DoS

ASPRunner Professional 6.0.766 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by supplying an excessively long project name. Attackers can paste 180 or more characters into the Project name field during project creation to trigger an application...

6.9CVSS0.00146EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.9 views

Xlinesoft ASPRunner Professional 缓冲区错误漏洞

Xlinesoft ASPRunner Professional is a database-driven web application development tool provided by Xlinesoft Corporation in the United States. Version 6.0.766 of Xlinesoft ASPRunner Professional contains a buffer overflow vulnerability. This vulnerability stems from a local buffer overflow in the...

6.9CVSS6.1AI score0.00146EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-7035

Malware in sbrugna...

4.3CVSS6.4AI score0.01927EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-50690

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00414EPSS
Exploits1References3
CVE
CVE
added 2025/08/27 4:48 p.m.23 views

CVE-2025-34157

CVE-2025-34157 concerns Coolify. A stored XSS in the project-creation workflow affects versions prior to 4.0.0-beta.420.6. An authenticated user with low privileges can craft a project name containing JavaScript, which when an administrator deletes the project executes in the admin context, enabl...

9.4CVSS5.3AI score0.00448EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/08/27 4:48 p.m.14 views

CVE-2025-34157 Coolify Stored Cross-Site Scripting (XSS) in Project Name Field

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting XSS attack in the project creation workflow. An authenticated user with low privileges can create a project with a maliciously crafted name containing embedded JavaScript. When an administrator attempts to...

9.4CVSS0.00448EPSS
Exploits0References3
CVE
CVE
added 2024/12/22 12:0 a.m.461 views

CVE-2024-56314

CVE-2024-56314 affects REDCap: stored XSS in the Project name field (authenticated user input) for REDCap versions up to 14.9.6. When a user clicks the project name, the crafted payload can execute arbitrary web scripts. Root cause is an input handling flaw in the Project name field that allows s...

5.4CVSS5.3AI score0.00386EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2021/06/21 12:0 a.m.7 views

Akaunting 安全漏洞

Akaunting is a free, open source online accounting software designed for small businesses and freelancers. A CSV injection vulnerability exists in the project name field of the export function in Akaunting. An attacker can exploit this vulnerability to inject arbitrary code into the name paramete...

8.8CVSS6.1AI score0.01589EPSS
Exploits1References1
NVD
NVD
added 2014/01/03 6:54 p.m.16 views

CVE-2013-7257

Cross-site scripting XSS vulnerability in Codiad 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the Project Name field...

4.3CVSS5.7AI score0.01927EPSS
Exploits1References5
Cvelist
Cvelist
added 2014/01/02 3:0 p.m.23 views

CVE-2013-7257

Cross-site scripting XSS vulnerability in Codiad 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the Project Name field...

5.7AI score0.01927EPSS
Exploits1References5
Rows per page
Query Builder