CVE-2022-41413

perfSONAR v4.x = v4.4.5 was discovered to contain a Cross-Site Request Forgery CSRF which is triggered when an attacker injects crafted input into the Search function...

PT-2022-25850 · Perfsonar · Perfsonar

Name of the Vulnerable Software and Affected Versions: perfSONAR versions 4.x through 4.4.5 Description: The issue is a Cross-Site Request Forgery CSRF that occurs when an attacker injects crafted input into the Search function. Recommendations: For versions 4.x through 4.4.5, consider disabling...

CVE-2022-40487

ProcessWire v3.0.200 was discovered to contain multiple cross-site scripting XSS vulnerabilities via the Search Users and Search Pages function. These vulnerabilities allow attackers to execute arbitrary web scripts or HTML via injection of a crafted payload...

CVE-2022-41473

RPCMS v3.0.2 was discovered to contain a reflected cross-site scripting XSS vulnerability in the Search function...

Cross site scripting

RPCMS v3.0.2 was discovered to contain a reflected cross-site scripting XSS vulnerability in the Search function...

PT-2022-25880 · Rpcms · Rpcms

Name of the Vulnerable Software and Affected Versions: RPCMS version 3.0.2 Description: A reflected cross-site scripting XSS issue was found in the Search function. This could potentially allow an attacker to inject malicious scripts into the website. Recommendations: For RPCMS version 3.0.2,...

CVE-2022-41473

RPCMS v3.0.2 was discovered to contain a reflected cross-site scripting XSS vulnerability in the Search function...

CVE-2022-41473

RPCMS 3.0.2 contains a reflected Cross-Site Scripting (XSS) vulnerability in the Search function. An attacker can inject arbitrary script in the victim’s browser, potentially stealing cookie-based credentials and enabling additional browser-based attacks. Affected product: RPCMS 3.0.2; vulnerabil...

RPCMS 跨站脚本漏洞

RPCMS is a software application. A website CMS system. A security vulnerability exists in RPCMS version v3.0.2 that stems from the inclusion of reflected cross-site scripting XSS in the search function...

Cross site scripting

SLiMS Senayan Library Management System v9.4.2 was discovered to contain a cross-site scripting XSS vulnerability via the Search function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search bar...

CVE-2022-32297

Piwigo v12.2.0 was discovered to contain SQL injection vulnerability via the Search function...

CVE-2022-32297

Piwigo v12.2.0 was discovered to contain SQL injection vulnerability via the Search function...

CVE-2022-32297

Piwigo v12.2.0 was discovered to contain SQL injection vulnerability via the Search function...

Sql injection

Piwigo v12.2.0 was discovered to contain SQL injection vulnerability via the Search function...

CVE-2022-32297

CVE-2022-32297 affects Piwigo v12.2.0 and earlier, where the SQL injection vulnerability is triggered via the Search function. The OpenVAS/Red Hat/CVE entries corroborate a web-facing SQLi issue in Piwigo’s search path, with the root cause described as injectable payloads impacting the database. ...

Piwigo SQL注入漏洞

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. A security vulnerability exists in Piwigo v12.2.0 and earlier versions. The vulnerability stems from the fact that an attacker can use...

CVE-2022-31478

The UserTakeOver plugin before 4.0.1 for ILIAS allows an attacker to list all users via the search function...

ILIAS plugin UserTakeOver 安全漏洞

ILIAS is an open source learning management system. A security vulnerability exists in the ILIAS plugin UserTakeOver versions prior to 4.0.1. An attacker exploited the vulnerability to list all users via the search function...

Cross-site Scripting (XSS) - Reflected

Description I find Relected XSS in search function. Proof of Concept 1.Login with admin or teacher account 2.Access this url:...

Cross-site Scripting (XSS) in Search Fuction with filter

Description The is an XSS could be trigger via search function in number filter. Cross-site Scripting XSS refers to client-side code injection attack wherein an attacker can execute malicious scripts into a legitimate website or web application. XSS occurs when a web application makes use of...