EUVD-2023-27386

Malicious code in bioql PyPI...

CVE-2023-23286

Cross Site Scripting XSS vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form...

Provide Server v.14.4 XSS - CSRF & Remote Code Execution (RCE)

Exploit Title: Provide Server v.14.4 XSS - CSRF & Remote Code Execution RCE Date: 2023-02-10 Exploit Author: Andreas Finstad Version: 14.4.1.29 Tested on: Windows Server 2022 CVE : CVE-2023-23286 POC: https://f20.be/blog/provide-server-14-4...

CVE-2023-23286

Cross Site Scripting XSS vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form...

CVE-2023-23286

Cross Site Scripting XSS vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form...

Cross site scripting

Cross Site Scripting XSS vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form...

CVE-2023-23286

CVE-2023-23286 describes a cross-site scripting (XSS) vulnerability in Provide server 14.4 that can be triggered via the server logs by the username field in the login form. The CVE indicates unauthenticated access, enabling an attacker to execute arbitrary code through the server-log content whe...

CVE-2023-23286

Cross Site Scripting XSS vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form...

CVE-2023-23286

Cross Site Scripting XSS vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form...

CVE-2020-11703

An issue was discovered in ProVide formerly zFTPServer through 13.1. /ajax/GetInheritedProperties allows HTTP Response Splitting via the language parameter...