123 matches found
Scriptcase 安全漏洞
Scriptcase is a low-code platform for rapid application development from Scriptcase, Inc. A security vulnerability exists in Scriptcase v9.10.023 and earlier versions that stems from vulnerability to cross-site scripting XSS attacks...
CVE-2024-46081
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS. An authenticated user can craft malicious payloads in the To-Do List. The assigned user will trigger a stored XSS, which is particularly dangerous because tasks are assigned to various users on the platform...
CVE-2024-46079
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS in projnew.php via the Descricao parameter...
CVE-2024-46084
Scriptcase 9.10.023 and before is vulnerable to Remote Code Execution RCE via the nmunzip function...
Scriptcase 安全漏洞
Scriptcase is a low-code platform for rapid application development from Scriptcase, Inc. A security vulnerability exists in Scriptcase v9.10.023 and earlier versions that stems from vulnerability to cross-site scripting XSS attacks...
CVE-2024-46080
Scriptcase v9.10.023 and earlier are affected by a Remote Code Execution (RCE) vulnerability through the nm_zip function. The CVE-2024-46080 entries across NVD/CVE list and Red Hat/CNNVD/CVELIST references confirm this is a high-severity issue (CVSSv3.1 base score 8.0) and affects the nm_zip path...
CVE-2024-8940
Vulnerability in the Scriptcase application version 9.4.019, which involves the arbitrary upload of a file via /scriptcase/devel/lib/third/jqueryplugin/jQuery-File-Upload/server/php/ via a POST request. An attacker could upload malicious files to the server due to the application not properly...
CVE-2024-8942
Vulnerability in Scriptcase version 9.4.019 that consists of a Cross-Site Scripting XSS, due to the lack of input validation, affecting the “idformmsgtitle” parameter, among others. This vulnerability could allow a remote user to send a specially crafted URL to a victim and retrieve their...
CVE-2024-8942
Vulnerability in Scriptcase version 9.4.019 that consists of a Cross-Site Scripting XSS, due to the lack of input validation, affecting the “idformmsgtitle” parameter, among others. This vulnerability could allow a remote user to send a specially crafted URL to a victim and retrieve their...
CVE-2024-8941
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nmeditphpedit.php in the “subpage” parameter, which allows unauthenticated remote users to bypass SecurityManager's intended restrictions and list and/or read a parent directory via a “/...” or directly into a...
CVE-2024-8940
Vulnerability in the Scriptcase application version 9.4.019, which involves the arbitrary upload of a file via /scriptcase/devel/lib/third/jqueryplugin/jQuery-File-Upload/server/php/ via a POST request. An attacker could upload malicious files to the server due to the application not properly...
CVE-2024-8941
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nmeditphpedit.php in the “subpage” parameter, which allows unauthenticated remote users to bypass SecurityManager's intended restrictions and list and/or read a parent directory via a “/...” or directly into a...
Scriptcase 代码问题漏洞
Scriptcase is a low-code platform for rapid application development from Scriptcase, Inc. A code issue vulnerability exists in Scriptcase version 9.4.019 that stems from improper input validation and could allow an attacker to upload malicious files to the server...
Scriptcase 路径遍历漏洞
Scriptcase is a low-code platform for rapid application development from Scriptcase, Inc. A path traversal vulnerability exists in Scriptcase version 9.4.019 that stems from improper parameter handling and allows an unauthenticated remote user to bypass SecurityManager's expected restrictions and...
Scriptcase 跨站脚本漏洞
Scriptcase is a low-code platform for rapid application development from Scriptcase, Inc. A cross-site scripting vulnerability exists in Scriptcase version 9.4.019 that stems from a lack of input validation of parameters, which could allow a remote user to send a specially constructed URL to a...
CVE-2024-8942 Cross-site Scripting vulnerability on Scriptcase
Vulnerability in Scriptcase version 9.4.019 that consists of a Cross-Site Scripting XSS, due to the lack of input validation, affecting the “idformmsgtitle” parameter, among others. This vulnerability could allow a remote user to send a specially crafted URL to a victim and retrieve their...
CVE-2024-8942
Summary (CVE-2024-8942): A cross-site scripting vulnerability exists in Scriptcase 9.4.019 caused by lack of input validation, affecting the id_form_msg_title parameter among others. A remote attacker could lure a victim with a crafted URL and, as described in sources, retrieve credentials. The c...
CVE-2024-8942 Cross-site Scripting vulnerability on Scriptcase
Vulnerability in Scriptcase version 9.4.019 that consists of a Cross-Site Scripting XSS, due to the lack of input validation, affecting the “idformmsgtitle” parameter, among others. This vulnerability could allow a remote user to send a specially crafted URL to a victim and retrieve their...
CVE-2024-8941 Path Traversal vulnerability on Scriptcase
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nmeditphpedit.php in the “subpage” parameter, which allows unauthenticated remote users to bypass SecurityManager's intended restrictions and list and/or read a parent directory via a “/...” or directly into a...
CVE-2024-8941 Path Traversal vulnerability on Scriptcase
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nmeditphpedit.php in the “subpage” parameter, which allows unauthenticated remote users to bypass SecurityManager's intended restrictions and list and/or read a parent directory via a “/...” or directly into a...