19 matches found
EUVD-2023-2421
Malicious code in bioql PyPI...
Subrion CMS Cross-site Scripting vulnerability
A Cross-site scripting XSS vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter...
CVE-2023-43884
A Cross-site scripting XSS vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter...
CVE-2023-43884
A Cross-site scripting XSS vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter...
Cross site scripting
A Cross-site scripting XSS vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter...
CVE-2023-43884
A Cross-site scripting XSS vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter...
CVE-2023-43884
A Cross-site scripting XSS vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter...
CVE-2023-43884
CVE-2023-43884 : Concrete details in connected records show a Cross-site Scripting (XSS) vulnerability in Subrion CMS v4.2.1, specifically in the Reference ID field of the Transactions panel. The issue permits execution of arbitrary web scripts/HTML via a crafted payload. The root cause is an inp...
Subrion CMS Cross-site Scripting vulnerability in /panel/languages
A Cross-site scripting XSS vulnerability in /panel/languages/ of Subrion v4.2.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Title' parameter...
Subrion CMS XSS in /panel/configuration/financial/
A Cross-site scripting XSS vulnerability in /panel/configuration/financial/ of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into several fields: 'Minimum deposit', 'Maximum deposit' and/or 'Maximum balance'...
CVE-2023-43830
A Cross-site scripting XSS vulnerability in /panel/configuration/financial/ of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into several fields: 'Minimum deposit', 'Maximum deposit' and/or 'Maximum balance'...
CVE-2023-43828
A Cross-site scripting XSS vulnerability in /panel/languages/ of Subrion v4.2.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Title' parameter...
CVE-2023-43830
A Cross-site scripting XSS vulnerability in /panel/configuration/financial/ of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into several fields: 'Minimum deposit', 'Maximum deposit' and/or 'Maximum balance'...
Cross site scripting
A Cross-site scripting XSS vulnerability in /panel/languages/ of Subrion v4.2.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Title' parameter...
CVE-2023-43828
CVE-2023-43828 is a Cross-site Scripting (XSS) vulnerability in Subrion v4.2.1 located at /panel/languages/ that allows injecting crafted payloads into the Title parameter to execute arbitrary web scripts or HTML. The NVD entry lists a MEDIUM severity (CVSSv3.1: 5.4) with network attack vector, l...
CVE-2023-43830
A Cross-site scripting XSS vulnerability in /panel/configuration/financial/ of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into several fields: 'Minimum deposit', 'Maximum deposit' and/or 'Maximum balance'...
CVE-2023-43830
CVE-2023-43830 affects Subrion CMS v4.2.1. The vulnerability is a Cross-Site Scripting (XSS) bug in the /panel/configuration/financial/ endpoint, where a crafted payload injected into multiple fields—specifically ‘Minimum deposit’, ‘Maximum deposit’, and/or ‘Maximum balance’—allows an attacker to...
CVE-2023-43828
A Cross-site scripting XSS vulnerability in /panel/languages/ of Subrion v4.2.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into 'Title' parameter...
CVE-2023-43830
A Cross-site scripting XSS vulnerability in /panel/configuration/financial/ of Subrion v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into several fields: 'Minimum deposit', 'Maximum deposit' and/or 'Maximum balance'...