8 matches found
EUVD-2020-28014
Malware in sbrugna...
EUVD-2021-32789
Malicious code in bioql PyPI...
CVE-2022-39240
MyGraph is a permission management system. Versions prior to 1.0.4 are vulnerable to a storage XSS vulnerability leading to Remote Code Execution. This issue is patched in version 1.0.4. There is no known workaround...
CVE-2020-6872
The server management software module of ZTE has a storage XSS vulnerability. The attacker inserts some attack codes through the foreground login page, which will cause the user to execute the predefined malicious script in the browser. This affects...
CVE-2024-9901
...
Image upload function has storage xss vulnerability
Description Malicious users can upload files containing malicious html code through this vulnerability, resulting in the theft of identity tokens of other users/administrators accessing related pages and the account being taken over Proof of Concept step1. Log in to a common user account step2...
Design/Logic Flaw
MyGraph is a permission management system. Versions prior to 1.0.4 are vulnerable to a storage XSS vulnerability leading to Remote Code Execution. This issue is patched in version 1.0.4. There is no known workaround...
CVE-2021-46087
In jfinalcms = 5.1 0, there is a storage XSS vulnerability in the background system of CMS. Because developers do not filter the parameters submitted by the user input form, any user with background permission can affect the system security by entering malicious code...