Lucene search
K

118 matches found

CVE
CVE
added 2024/04/08 8:45 a.m.60 views

CVE-2023-52539

CVE-2023-52539 relates to a privilege check/permission verification vulnerability in the Settings module of Huawei HarmonyOS (and EMUI). The issue is described across multiple sources as a privilege checking flaw in the Settings component that can affect service confidentiality. The NVD entry not...

7.5CVSS6.8AI score0.00319EPSS
Exploits0References2Affected Software2
CNVD
CNVD
added 2023/07/10 12:0 a.m.12 views

BageCMS Cross-Site Scripting Vulnerability

BageCMS is a cross-platform content management system CMS based on PHP and MySQL by the BageCMS team in China. A cross-site scripting vulnerability exists in BageCMS v3.1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the custom settings module, and can ...

5.4CVSS6.4AI score0.00297EPSS
Exploits1References1
OSV
OSV
added 2023/07/06 3:15 p.m.3 views

CVE-2023-37122

A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...

5.4CVSS5.9AI score0.00297EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/07/06 3:15 p.m.3 views

CVE-2023-37122

A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...

5.4CVSS6.2AI score0.00297EPSS
Exploits1References2
Prion
Prion
added 2023/07/06 3:15 p.m.11 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...

4.9CVSS5.2AI score0.00297EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/06 12:0 a.m.15 views

CVE-2023-37122

A stored cross-site scripting XSS vulnerability in Bagecms v3.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Settings module...

5.7AI score0.00297EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/07/06 12:0 a.m.5 views

Bagecms 跨站脚本漏洞

BageCMS is a cross-platform content management system CMS based on PHP and MySQL by the BageCMS team in China. A cross-site scripting vulnerability exists in BageCMS v3.1.0, which stems from the lack of effective filtering and escaping of user-supplied data in the custom settings module, and can ...

5.4CVSS6.2AI score0.00297EPSS
Exploits1References2
NVD
NVD
added 2023/05/20 3:15 p.m.22 views

CVE-2023-1693

The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...

7.5CVSS7.8AI score0.00377EPSS
Exploits0References2
OSV
OSV
added 2023/05/20 3:15 p.m.3 views

CVE-2023-1694

The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...

7.5CVSS7.1AI score0.00377EPSS
Exploits0References2
OSV
OSV
added 2023/05/20 3:15 p.m.5 views

CVE-2023-1693

The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...

7.5CVSS7.1AI score0.00377EPSS
Exploits0References2
NVD
NVD
added 2023/05/20 3:15 p.m.21 views

CVE-2023-1694

The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...

7.5CVSS7.8AI score0.00377EPSS
Exploits0References2
Prion
Prion
added 2023/05/20 3:15 p.m.19 views

Privilege escalation

The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...

5CVSS7.8AI score0.00377EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2023/05/20 3:15 p.m.21 views

Privilege escalation

The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...

5CVSS7.8AI score0.00377EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2023/05/20 2:13 p.m.20 views

CVE-2023-1694

The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...

8AI score0.00377EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/20 2:12 p.m.28 views

CVE-2023-1693

The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...

8AI score0.00377EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/20 2:12 p.m.11 views

CVE-2023-1693

The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality...

7.8AI score0.00377EPSS
Exploits0References2
CVE
CVE
added 2023/05/20 2:12 p.m.75 views

CVE-2023-1693

CVE-2023-1693 describes a file privilege escalation in the Settings module with potential confidentiality impact. Affected component: Settings module (reported across multiple sources linked to HarmonyOS/Huawei and related advisories). Root cause: improper permission handling enabling escalation ...

7.5CVSS7.8AI score0.00377EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2023/05/20 12:0 a.m.4 views

PT-2023-17177 · Unknown · Settings Module

Name of the Vulnerable Software and Affected Versions: Settings module affected versions not specified Description: The issue concerns a file privilege escalation vulnerability in the Settings module. Successful exploitation of this vulnerability may affect confidentiality. Recommendations: At th...

7.5CVSS7.3AI score0.00377EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/05/20 12:0 a.m.6 views

PT-2023-17176 · Unknown · Settings Module

Name of the Vulnerable Software and Affected Versions: Settings module affected versions not specified Description: The issue concerns a file privilege escalation vulnerability in the Settings module. Successful exploitation of this vulnerability may affect confidentiality. Recommendations: At th...

7.5CVSS7.3AI score0.00377EPSS
Exploits0References5
OSV
OSV
added 2023/05/04 9:30 p.m.2 views

GHSA-JJ45-24RW-V6JW Cross-site scripting in TotalJS

A stored cross-site scripting XSS vulnerability in TotalJS allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module...

5.4CVSS6.2AI score0.00667EPSS
Exploits1References7
Rows per page
Query Builder