118 matches found
CVE-2023-52539
CVE-2023-52539 relates to a privilege check/permission verification vulnerability in the Settings module of Huawei HarmonyOS (and EMUI). The issue is described across multiple sources as a privilege checking flaw in the Settings component that can affect service confidentiality. The NVD entry not...
BageCMS Cross-Site Scripting Vulnerability
BageCMS is a cross-platform content management system CMS based on PHP and MySQL by the BageCMS team in China. A cross-site scripting vulnerability exists in BageCMS v3.1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the custom settings module, and can ...
CVE-2023-37122
A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...
CVE-2023-37122
A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...
Cross site scripting
A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...
CVE-2023-37122
A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...
Bagecms 跨站脚本漏洞
BageCMS is a cross-platform content management system CMS based on PHP and MySQL by the BageCMS team in China. A cross-site scripting vulnerability exists in BageCMS v3.1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the custom settings module, and can ...
CVE-2023-1693
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...
CVE-2023-1694
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...
CVE-2023-1693
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...
CVE-2023-1694
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...
Privilege escalation
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...
Privilege escalation
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...
CVE-2023-1694
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...
CVE-2023-1693
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...
CVE-2023-1693
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...
CVE-2023-1693
CVE-2023-1693 describes a file privilege escalation in the Settings module with potential confidentiality impact. Affected component: Settings module (reported across multiple sources linked to HarmonyOS/Huawei and related advisories). Root cause: improper permission handling enabling escalation ...
PT-2023-17177 · Unknown · Settings Module
Name of the Vulnerable Software and Affected Versions: Settings module affected versions not specified Description: The issue concerns a file privilege escalation vulnerability in the Settings module. Successful exploitation of this vulnerability may affect confidentiality. Recommendations: At th...
PT-2023-17176 · Unknown · Settings Module
Name of the Vulnerable Software and Affected Versions: Settings module affected versions not specified Description: The issue concerns a file privilege escalation vulnerability in the Settings module. Successful exploitation of this vulnerability may affect confidentiality. Recommendations: At th...
GHSA-JJ45-24RW-V6JW Cross-site scripting in TotalJS
A stored cross-site scripting XSS vulnerability in TotalJS allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module...