CVE-2025-12229

A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been...

CVE-2025-12229

A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been...

CVE-2025-12229

A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been...

CVE-2025-12229 projectworlds Expense Management System Roles Page create cross site scripting

A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been...

EUVD-2025-36082

A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been...

CVE-2025-12229

Projectworlds Expense Management System 1.0 is reportedly vulnerable to cross-site scripting via the /public/admin/roles/create function in the Roles Page. Affected component is the Roles Page, with the root cause described as manipulation of an unknown function in that file. The vulnerability en...

EUVD-2018-11495

Malware in sbrugna...

EUVD-2025-1832

Malicious code in bioql PyPI...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through the manipulation of the /admin/auth/roles component due to improper sanitization of the Slug field. An attacker can inject malicious scripts by sending crafted inputs to the affected page. Details...

CVE-2025-0709 Dcat-Admin Roles Page roles cross site scripting

A vulnerability was found in Dcat-Admin 2.2.1-beta. It has been rated as problematic. This issue affects some unknown processing of the file /admin/auth/roles of the component Roles Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

CVE-2025-0709

CVE-2025-0709 affects Dcat-Admin 2.2.1-beta, specifically the Roles Page component at /admin/auth/roles. Root cause: cross-site scripting (XSS) via manipulation of input on that page; exploitation can be remote and has been disclosed publicly. Multiple sources (NVD, Red Hat, OSV, CVELIST, vulnbod...

CVE-2025-0709 Dcat-Admin Roles Page roles cross site scripting

A vulnerability was found in Dcat-Admin 2.2.1-beta. It has been rated as problematic. This issue affects some unknown processing of the file /admin/auth/roles of the component Roles Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

PT-2025-4018 · Unknown · Dcat-Admin

Name of the Vulnerable Software and Affected Versions: Dcat-Admin version 2.2.1-beta Description: A flaw was found in the Roles Page component of Dcat-Admin, specifically in the file /admin/auth/roles. This issue can be manipulated to lead to cross-site scripting XSS and can be initiated remotely...

dcat-admin 代码注入漏洞

dcat-admin is a Laravel-based back-end system builder by Jiang Qinghua, an individual developer. A code injection vulnerability exists in dcat-admin version 2.2.1-beta, which originates from the component Roles Page's file /admin/auth/roles that can lead to cross-site scripting...

LavaLite 跨站脚本漏洞

Lavalite is an open source content management system developed using the Laravel framework. A stored cross-site scripting vulnerability exists in the /admin/roles/role component of LavaLite version 5.8.0, which can be exploited by an attacker to execute arbitrary Web script or HTML via the ""New"...

CVE-2018-19820

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 build 51029. The page "/VPortal/mgtconsole/Roles.jsp" has reflected XSS via the ConnPoolName parameter...

Infovista VistaPortal SE '/VPortal/mgtconsole/Roles.jsp' page cross-site scripting vulnerability

Infovista VistaPortal SE is a Web-based application from Infovista USA. A cross-site scripting vulnerability exists in the '/VPortal/mgtconsole/Roles.jsp' page in Infovista VistaPortal SE version 5.1 build 51029. A remote attacker can exploit this vulnerability to inject arbitrary web script or...