4 matches found
CVE-2024-49764 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/capture.inc.php
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Capture Debug Information" page allows authenticated users to inject arbitrary JavaScript through the "hostname" parameter when creating a new device. This...
CVE-2024-3636 Pinpoint Booking System < 2.9.9.4.8 - Admin+ Stored XSS
The Pinpoint Booking System WordPress plugin before 2.9.9.4.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2021-21260 XSS in description field
Online Invoicing System OIS is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XSS which can enables an attacker takeover of the admin account through a payload that extracts a csrf...
Dimensions buy the system stored XSS can be comfortably background-vulnerability warning-the black bar safety net
fanwe buy the system thereXSScan obtain an administrator cookie and into the background First, in a goods to go in, inside there will be a refund of the message, will be there even if paid. Then comments can be addedXSS, the administrator every day view, the view will obtain administrator COOkie...