12 matches found
EUVD-2023-44164
Malicious code in bioql PyPI...
CVE-2023-43944
A Stored Cross Site Scripting XSS vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=projectlist...
CVE-2023-43944
A Stored Cross Site Scripting XSS vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=projectlist...
SourceCodester Task Management System Cross-Site Scripting Vulnerability
SourceCodester Task Management System is a task management system. A cross-site scripting vulnerability exists in SourceCodester Task Management System version 1.0. An attacker can exploit this vulnerability to execute arbitrary code via the parameter field in index.php?page=projectlist...
Cross site scripting
A vulnerability was found in Onest CRM 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/project/update/2 of the component Project List Handler. The manipulation of the argument name with the input alert1 leads to cross site scripting. It is possible to...
CVE-2023-3505 Onest CRM Project List 2 cross site scripting
A vulnerability was found in Onest CRM 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/project/update/2 of the component Project List Handler. The manipulation of the argument name with the input alert1 leads to cross site scripting. It is possible to...
CVE-2023-3505 Onest CRM Project List 2 cross site scripting
A vulnerability was found in Onest CRM 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/project/update/2 of the component Project List Handler. The manipulation of the argument name with the input alert1 leads to cross site scripting. It is possible to...
CVE-2019-16908
An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14J8 for Jira. It is possible to obtain a list of all Jira projects without authentication/authorization via the plugins/servlet/nfj/ProjectFilter?searchQuery= URI...
CVE-2019-16909
An issue was discovered in the Infosysta "In-App & Desktop Notifications" app before 1.6.14J8 for Jira. It is possible to obtain a list of all Jira projects with authentication as a Jira user, but without authorization for specific projects via the plugins/servlet/nfj/NotificationSettings URI...
OpenProject Cross-Site Scripting Vulnerability
OpenProject is an open source Web-based project management software. The software has project planning, task management, bug tracking and cost budgeting and other functions. A cross-site scripting vulnerability exists in the project list in OpenProject versions prior to 9.0.4 and 10.x version...
NullPointerException when there are no cookies and AccessLogRequestInfo is enabled
When using the filter-list and project-list plugins I ran into an issue where NullPointerExceptions were being thrown. It turned out the issue is in AccessLogRequestInfo when the Cookie header doesn't exist. The line that causes the exception is a log.debug line. I am including a patch that check...
NullPointerException when there are no cookies and AccessLogRequestInfo is enabled
When using the filter-list and project-list plugins I ran into an issue where NullPointerExceptions were being thrown. It turned out the issue is in AccessLogRequestInfo when the Cookie header doesn't exist. The line that causes the exception is a log.debug line. I am including a patch that check...