Lucene search
K

47 matches found

NVD
NVD
added 2024/01/26 10:15 a.m.26 views

CVE-2024-23879

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/statemodify.php, in the description parameter. Exploitation of this vulnerability...

8.2CVSS7.2AI score0.00399EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2022/05/14 3:45 a.m.14 views

Jenkins Delivery Pipeline Plugin Cross-site Scripting vulnerability

The Jenkins Delivery Pipeline Plugin version 1.0.7 and earlier used the unescaped content of the query parameter 'fullscreen' in its JavaScript, resulting in a cross-site scripting vulnerability through specially crafted URLs. Version 1.0.8 of the plugin converts the value to a boolean true/false...

6.1CVSS2.5AI score0.00948EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/03/18 5:55 p.m.88 views

GHSA-4R8Q-GV9J-3XX6 Open Redirect

Impact In some situations, it is possible to have open redirects where users can be redirected from your site to any other site using a specially crafted URL. This is only the case for installations where the default Hostname Identification is used and the environment uses tenants that have...

4.3CVSS5.7AI score0.0102EPSS
Exploits0References5
NVD
NVD
added 2021/11/01 10:15 p.m.19 views

CVE-2021-43058

An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site...

6.1CVSS0.00563EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/09/28 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2021-2549)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.9AI score0.10047EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2021/09/27 12:0 a.m.44 views

EulerOS 2.0 SP9 : git (EulerOS-SA-2021-2549)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This...

9.3CVSS7.5AI score0.10047EPSS
Exploits2References3
NVD
NVD
added 2021/05/27 5:15 p.m.37 views

CVE-2021-32645

Tenancy multi-tenant is an open source multi-domain controller for the Laravel web framework. In some situations, it is possible to have open redirects where users can be redirected from your site to any other site using a specially crafted URL. This is only the case for installations where the...

6.1CVSS0.0102EPSS
Exploits0References4
NVD
NVD
added 2021/05/20 12:15 p.m.13 views

CVE-2021-27461

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs...

7.5CVSS0.01397EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/02/23 4:4 p.m.44 views

CVE-2021-22113

Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing requests with specially constructed URLs. Applications that use Spring Security's StrictHttpFirewall...

5.5AI score0.00819EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.42 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : git Multiple Vulnerabilities (NS-SA-2020-0113)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has git packages installed that are affected by multiple vulnerabilities: - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clone...

9.3CVSS8.2AI score0.10047EPSS
Exploits2References3
CNVD
CNVD
added 2020/11/17 12:0 a.m.8 views

KonaWiki3 cross-site scripting vulnerability

KonaWiki3 is a very simple PHP Wiki engine.KonaWiki3 is vulnerable to cross-site scripting. An attacker can exploit this vulnerability to execute arbitrary scripts on a user's Web browser via specially crafted URLs...

3.4AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2020/10/14 3:7 p.m.29 views

CVE-2020-24301

Users of the HAPI FHIR Testpage Overlay 5.0.0 and below can use a specially crafted URL to exploit an XSS vulnerability in this module, allowing arbitrary JavaScript to be executed in the user's browser. The impact of this vulnerability is believed to be low, as this module is intended for testin...

4.3CVSS3.3AI score0.00947EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2020/10/09 12:0 a.m.542 views

Twitter Analytics Open Redirect

================================================================================Twitter Analytics Open Redirect Vulnerability ================================================================================ Credit by Asheesh Anaconda Description An open redirect vulnerability exists in Twitter...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/09/28 12:0 a.m.24 views

EulerOS 2.0 SP3 : git (EulerOS-SA-2020-2111)

According to the version of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git use...

9.3CVSS7.4AI score0.10047EPSS
Exploits2References2
Amazon
Amazon
added 2020/07/29 12:0 a.m.92 views

Important: git

Issue Overview: Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260GHSA-qm7j-c969-7j4q. The fix for that bug still left the door open for an exploit where some credentia...

9.3CVSS8.1AI score0.10047EPSS
Exploits2
NVD
NVD
added 2020/07/27 10:15 p.m.19 views

CVE-2020-10643

An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision 2019 mobile to a vulnerable web page due to a known issue in a third-party component...

6.5CVSS6.5AI score0.00951EPSS
Exploits0References1
CVE
CVE
added 2020/07/27 9:20 p.m.69 views

CVE-2020-10643

CVE-2020-10643 affects OSIsoft PI Vision (PI System) with a cross-site scripting vulnerability in the PI Vision web application caused by improper input validation in a third-party component. An authenticated remote attacker can use specially crafted URLs to direct a victim using PI Vision 2019 m...

6.5CVSS5.8AI score0.00951EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/07/27 9:20 p.m.21 views

CVE-2020-10643 OSIsoft PI System

An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision 2019 mobile to a vulnerable web page due to a known issue in a third-party component...

6.5CVSS6.3AI score0.00951EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/07/21 12:0 a.m.33 views

NewStart CGSL MAIN 6.01 : git Vulnerability (NS-SA-2020-0036)

The remote NewStart CGSL host, running version MAIN 6.01, has git packages installed that are affected by a vulnerability: - Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to...

7.5CVSS7.4AI score0.03899EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2020/06/16 8:15 p.m.85 views

Exploit for Path Traversal in Vmware Spring_Cloud_Config

CVE-2020-5410 Spring Cloud Config directory traversal vulnera...

7.5CVSS8.2AI score0.95586EPSS
Exploits3
Rows per page
Query Builder