18 matches found
EUVD-2020-23567
Malware in sbrugna...
EUVD-2020-23569
Malware in sbrugna...
CVE-2020-35985
A stored cross site scripting XSS vulnerability in the 'Global Lists" feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Name' parameter...
CVE-2020-35987
A stored cross site scripting XSS vulnerability in the 'Entities List' feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Name' parameter...
CVE-2020-35986
A stored cross site scripting XSS vulnerability in the 'Users Access Groups' feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Name' parameter...
Cross site scripting
A stored cross site scripting XSS vulnerability in the 'Entities List' feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Name' parameter...
Cross site scripting
A stored cross site scripting XSS vulnerability in the 'Global Lists" feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Name' parameter...
CVE-2020-35987
A stored cross site scripting XSS vulnerability in the 'Entities List' feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Name' parameter...
Cross site scripting
A stored cross site scripting XSS vulnerability in the 'Users Alerts' feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Title' parameter...
CVE-2020-35984
Rukovoditel
CVE-2020-35985
A stored cross site scripting XSS vulnerability in the 'Global Lists" feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Name' parameter...
CVE-2020-35985
Rukovoditel
CVE-2020-35986
The connected Nuclei template and multiple references confirm CVE-2020-35986 is a stored XSS in the Rukovoditel Web App (version
CVE-2020-35986
A stored cross site scripting XSS vulnerability in the 'Users Access Groups' feature of Rukovoditel 2.7.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Name' parameter...
CVE-2020-35987
Rukovoditel
Rukovoditel 跨站脚本漏洞
Rukovoditel is a free web-based open source project management application. A stored cross-site scripting vulnerability exists in the "User Access Groups" feature in Rukovoditel version 2.7.2, which can be exploited to execute arbitrary web script or HTML via the 'Name' parameter...
CVE-2020-13591
An exploitable SQL injection vulnerability exists in the "accessrules/rulesform" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this can be done...
PT-2021-9653 · Unknown · Rukovoditel Project Management App
Name of the Vulnerable Software and Affected Versions: Rukovoditel Project Management App version 2.7.2 Description: An exploitable SQL injection issue exists in the "forms fields rules/rules" page. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated...