Lucene search
K

11 matches found

OSV
OSV
added 2024/08/05 9:29 p.m.17 views

GHSA-858C-QXVX-RG9V Flowise Cross-site Scripting in /api/v1/chatflows-streaming/id

Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the /api/v1/chatflows-streaming/id endpoint. If the default configuration is used unauthenticated, an attacker may be able...

6.1CVSS6.2AI score0.00459EPSS
Exploits1References4
OSV
OSV
added 2024/08/05 9:29 p.m.52 views

GHSA-WXM4-9F8P-GGGV Flowise Cross-site Scripting in/api/v1/credentials/id

Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the /api/v1/credentials/id endpoint. If the default configuration is used unauthenticated, an attacker may be able to craf...

6.1CVSS6.2AI score0.00405EPSS
Exploits1References4
hivepro
hivepro
added 2023/07/17 6:57 a.m.9 views

TA445 Targeting Government and Military Sectors in Ukraine and Poland

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary TA455 conducts ongoing campaigns targeting government entities, military organizations, and civilians in Ukraine and Poland to steal information and establish remote access, using multi-stage infection...

6.7AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/11 12:0 a.m.244 views

Mastery LMS 1.2 Cross Site Scripting

Exploit Title: Mastery LMS 1.2 - Reflected XSS Exploit Author: CraCkEr Date: 09/07/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/mastery/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description Allow...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.224 views

GZ Forum Script 1.8 - Stored Cross-Site Scripting (XSS)

Exploit Title: GZ Forum Script 1.8 - Stored Cross-Site Scripting XSS Date: 30/06/2023 Exploit Author: CraCkEr Vendor: GZ Scripts Vendor Homepage: https://gzscripts.com/ Software Link: https://gzscripts.com/gz-forum-script.html Version: 1.8 Tested on: Windows 10 Pro Impact: Manipulate the content ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2023/06/27 12:0 a.m.314 views

Rocket LMS 1.7 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

7.1AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2019/03/29 10:55 a.m.12 views

Security Bulletin: IBM Event Streams could allow a remote attacker to bypass security restrictions by modifying the UI session cookie

Summary IBM Event Streams could allow a remote attacker to bypass security restrictions after authenticating with Event Streams. By modifying the UI session cookie, it may be possible for a remote attacker to steal user and session information that was sent during an encrypted session...

2AI score
Exploits0Affected Software1
OSV
OSV
added 2011/04/30 12:0 a.m.45 views

DSA-2227-1 iceape - several

Bulletin has no description...

10CVSS9.7AI score0.73655EPSS
Exploits19
OpenVAS
OpenVAS
added 2009/05/18 12:0 a.m.30 views

Google Chrome PDF Javascript Security Bypass Vulnerability

The host is installed with Google Chrome and is prone to PDF Javascript Security Bypass Vulnerability. OpenVAS Vulnerability Test $Id: secpodgooglechromepdfjsrestbypassvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Google Chrome PDF Javascript Security Bypass Vulnerability Authors: Sujit Ghosal...

9.3CVSS0.01623EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2006/04/26 12:0 a.m.31 views

Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2006:075)

A number of vulnerabilities have been discovered in the Mozilla Firefox browser that could allow a remote attacker to craft malicious web pages that could take advantage of these issues to execute arbitrary code with elevated privileges, spoof content, and steal local files, cookies, or other...

10CVSS8.5AI score0.10487EPSS
Exploits2References19
Mozilla
Mozilla
added 2006/04/13 12:0 a.m.29 views

cross-site scripting through window.controllers — Mozilla

shutdown demonstrated how to use the window.controllers array to bypass same-origin protections, allowing a malicious site to inject script into content from another site. This could allow the malicious page to steal information such as cookies or passwords from the other site, or perform...

4.3CVSS1.8AI score0.02894EPSS
Exploits0References1Affected Software4
Rows per page
Query Builder