15 matches found
EUVD-2019-10953
Malware in sbrugna...
EUVD-2022-29038
Malicious code in bioql PyPI...
CVE-2022-24127
A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/editprojectsettings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title apptitle field when editing an existing project. The payload i...
CVE-2024-45527
REDCap 14.7.0 allows HTML injection via the project title of a New Project action. This can lead to resultant logout CSRF via index.php?logout=1, and can also be used to insert a link to an external phishing website...
CVE-2024-45527
REDCap 14.7.0 is affected by an HTML injection via the project title on the New Project action. The underlying issue allows injecting HTML that can trigger a logout CSRF (via index.php?logout=1) and may be used to insert a link to an external phishing site. The Red Hat/CNNVD/CVE references confir...
CVE-2023-37798
A stored cross-site scripting (XSS) vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter...
CVE-2023-37798
A stored cross-site scripting (XSS) vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter...
PT-2023-26113 · Vanderbilt · Redcap
Name of the Vulnerable Software and Affected Versions: Vanderbilt REDCap version 13.1.35. Description: A stored cross-site scripting (XSS) vulnerability in the new REDCap project creation function allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the...
CVE-2022-24127
A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/editprojectsettings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title apptitle field when editing an existing project. The payload i...
CVE-2022-24127
A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/editprojectsettings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title apptitle field when editing an existing project. The payload i...
CVE-2022-27308
A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a project title...
CVE-2022-27308
A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a project title...
Cross site scripting
A stored cross-site scripting (XSS) vulnerability in PHProjekt PhpSimplyGest v1.3.0 allows attackers to execute arbitrary web scripts or HTML via a project title...
IDOR Disclosure of Private Project Titles
h3. Issue Summary Prerequisite:- Make sure to edit the hosts file in Linux located at /etc/hosts/ adding an entry as jira.hack Setup jira and create a new user account which can be achieved by navigating to User Management Users Create User and setting the Application Access to Jira-core. ...
WordPress SiteMile Project 2.0.9.5 Theme - Multiple Vulnerabilities
Exploit for php platform in category web applications. Wordpress ProjectTheme Multiple Vulnerabilities. Affected Version: Project Theme: 2.0.9.5. Problem Overview: Technical Risk: high Likelihood of...