Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-1631

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.0087EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/02/10 10:35 p.m.23 views

Permissive parameters and privilege escalation

An issue was discovered in Steve Pallen Coherence before 0.5.2 that is similar to a Mass Assignment vulnerability. In particular, "registration" endpoints e.g., creating, editing, updating allow users to update any coherencefields data. For example, users can automatically confirm their accounts ...

6.5CVSS4AI score0.00896EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2018/12/21 12:0 a.m.3 views

Steve Pallen Xain Cross-Site Scripting Vulnerability

Steve Pallen Xain is a library that provides HTML markup for Elixir. A cross-site scripting vulnerability exists in versions of Steve Pallen Xain prior to 0.6.2, which can be exploited by remote attackers to inject arbitrary web script or HTML with the help of the 'order' parameter...

6.1CVSS5.9AI score0.0087EPSS
Exploits1References1
NVD
NVD
added 2018/12/20 9:29 a.m.19 views

CVE-2018-20301

An issue was discovered in Steve Pallen Coherence before 0.5.2 that is similar to a Mass Assignment vulnerability. In particular, "registration" endpoints e.g., creating, editing, updating allow users to update any coherencefields data. For example, users can automatically confirm their accounts ...

6.5CVSS6.4AI score0.00896EPSS
Exploits0References1
OSV
OSV
added 2018/12/20 9:29 a.m.15 views

CVE-2018-20301

An issue was discovered in Steve Pallen Coherence before 0.5.2 that is similar to a Mass Assignment vulnerability. In particular, "registration" endpoints e.g., creating, editing, updating allow users to update any coherencefields data. For example, users can automatically confirm their accounts ...

6.5CVSS6.8AI score
Exploits0References1
Cvelist
Cvelist
added 2018/12/20 9:0 a.m.21 views

CVE-2018-20301

An issue was discovered in Steve Pallen Coherence before 0.5.2 that is similar to a Mass Assignment vulnerability. In particular, "registration" endpoints e.g., creating, editing, updating allow users to update any coherencefields data. For example, users can automatically confirm their accounts ...

6.4AI score0.00896EPSS
Exploits0References1
NVD
NVD
added 2018/12/20 12:29 a.m.15 views

CVE-2018-20302

An XSS issue was discovered in Steve Pallen Xain before 0.6.2 via the order parameter...

6.1CVSS6AI score0.0087EPSS
Exploits1References2
OSV
OSV
added 2018/12/20 12:29 a.m.14 views

CVE-2018-20302

An XSS issue was discovered in Steve Pallen Xain before 0.6.2 via the order parameter...

6.1CVSS6AI score
Exploits0References2
CVE
CVE
added 2018/12/20 12:0 a.m.47 views

CVE-2018-20302

Steve Pallen Xain is affected by an XSS vulnerability in versions prior to 0.6.2, exploitable via the order parameter. The issue is reported across multiple sources (CVE-2018-20302, related advisories). Remediation: upgrade to Xain 0.6.2 or newer to mitigate.

6.1CVSS5.9AI score0.0087EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2018/12/20 12:0 a.m.13 views

CVE-2018-20302

An XSS issue was discovered in Steve Pallen Xain before 0.6.2 via the order parameter...

6AI score0.0087EPSS
Exploits1References2
Rows per page
Query Builder