CVE-2021-41557

Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site Scripting XSS. An attacker with access to a user account of the RIA IT or the Fleet role can create a crafted work order in the damage reports section or change existing work orders. The XSS payload is in the work order number...

EUVD-2025-143392

Malicious code in anidata-hadits-ria npm...

EUVD-2025-139194

Malicious code in nuyar-adamir-ria npm...

Malicious code in nuyar-adamir-ria (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c424290a934c70d06472a673dc71f0360b3730a022d5fd051b0f27e8595c455b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2013-5993

Malware in sbrugna...

MAL-2025-2803 Malicious code in ria-learninghub (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a83f503eead43ba3f08b93a32822c4c075b0029c73b852b2fec0871457b3ed26 The OpenSSF Package Analysis project identified 'ria-learninghub' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...

Malicious code in ria-learninghub (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a83f503eead43ba3f08b93a32822c4c075b0029c73b852b2fec0871457b3ed26 The OpenSSF Package Analysis project identified 'ria-learninghub' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...

MAL-2024-10269 Malicious code in @wf-wfria/ria-analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a6704722f829f142a06f1ec217b553b1824ff3b10d283dbe1a492b45c100859d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2021-41557

Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site Scripting XSS. An attacker with access to a user account of the RIA IT or the Fleet role can create a crafted work order in the damage reports section or change existing work orders. The XSS payload is in the work order number...

Cross site scripting

Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site Scripting XSS. An attacker with access to a user account of the RIA IT or the Fleet role can create a crafted work order in the damage reports section or change existing work orders. The XSS payload is in the work order number...

CVE-2021-41557

Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site Scripting XSS. An attacker with access to a user account of the RIA IT or the Fleet role can create a crafted work order in the damage reports section or change existing work orders. The XSS payload is in the work order number...

CVE-2021-41557

CVE-2021-41557 affects Sofico Miles RIA 2020.2, build 127964T. The vulnerability is a Stored Cross Site Scripting (XSS) flaw in the work order number field within the damage reports section, exploitable by an attacker who already has a user account with IT or Fleet role access. The impact is desc...

Sofico Miles RIA 2020.2 Build 127964T Cross Site Scripting Vulnerability

Sofico Miles RIA version 2020.2 build 127964T suffers from a persistent cross site scripting vulnerability. ======================================================================= title: Stored Cross Site Scripting product: Sofico Miles RIA vulnerable version: 2020.2 build 127964T fixed version:...

Sofico Miles RIA 2020.2 Build 127964T Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored Cross Site Scripting product: Sofico Miles RIA vulnerable version: 2020.2 build 127964T fixed version: 2020.2 build 128076 or higher CVE number: CVE-2021-41557...

Sofico Miles Ria跨站脚本漏洞

Sofico Miles Ria is a car rental management software from Sofico Belgium. A security vulnerability exists in Sofico Miles RIA version 2020.2 build 127964T, which allows an attacker to create a malicious work order in the damase report section or change an existing work order using a malicious...

ria-dent.ru Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1083280 Security Researcher geeknik Helped patch 8781 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting ria-dent.ru website and it...

ria-bureautique.fr XSS vulnerability

Vulnerable URL: http://ria-bureautique.fr/index.php?disconnect=1=%3Csvg/onload=alert/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...

Project'Or RIA 3.4.0 (objectDetail.php, objectId param) - SQL Injection

No description provided by source...

[ISecAuditors Security Advisories] Multiple XSS vulnerabilities in "Project'Or RIA"

============================================= INTERNET SECURITY AUDITORS ALERT 2013-018 - Original release date: July 26th, 2013 - Last revised: July 26th, 2013 - Discovered by: Vicente Aguilera Diaz - Severity: 4.3/10 CVSSv2 Base Scored - CVE-ID: CVE-2013-6163...

CVE-2013-6164

SQL injection vulnerability in view/objectDetail.php in Project'Or RIA 3.4.0 allows remote attackers to execute arbitrary SQL commands via the objectId parameter...