9 matches found
CVE-2023-4382
A vulnerability, which was classified as problematic, has been found in tdevs Hyip Rio 2.1. Affected by this issue is some unknown functionality of the file /user/settings of the component Profile Settings. The manipulation of the argument avatar leads to cross site scripting. The attack may be...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in tdevs Hyip Rio 2.1. Affected by this issue is some unknown functionality of the file /user/settings of the component Profile Settings. The manipulation of the argument avatar leads to cross site scripting. The attack may be...
CVE-2023-4382 tdevs Hyip Rio Profile Settings settings cross site scripting
A vulnerability, which was classified as problematic, has been found in tdevs Hyip Rio 2.1. Affected by this issue is some unknown functionality of the file /user/settings of the component Profile Settings. The manipulation of the argument avatar leads to cross site scripting. The attack may be...
CVE-2023-4382 tdevs Hyip Rio Profile Settings settings cross site scripting
A vulnerability, which was classified as problematic, has been found in tdevs Hyip Rio 2.1. Affected by this issue is some unknown functionality of the file /user/settings of the component Profile Settings. The manipulation of the argument avatar leads to cross site scripting. The attack may be...
CVE-2023-4382
tdevs Hyip Rio 2.1 contains a cross-site scripting vulnerability in the Profile Settings /user/settings, where manipulation of the avatar parameter enables stored XSS. Multiple sources (NVD/NVD mirrors, Exploit-DB, PacketStorm, PRION/Vuln enrichment) document remote exploitation via attacking the...
PT-2023-29001 · Unknown · Tdevs Hyip Rio
Name of the Vulnerable Software and Affected Versions: tdevs Hyip Rio version 2.1 Description: A problematic issue has been found in the Profile Settings component, specifically in the /user/settings file, where the manipulation of the avatar argument leads to cross-site scripting. This issue can...
Hyip Rio 2.1 Cross Site Scripting / File Upload Vulnerabilities
Exploit Title: Hyip Rio 2.1 - Arbitrary File Upload Exploit Author: CraCkEr Vendor: tdevs Vendor Homepage: https://tdevs.co/ Software Link: https://hyiprio-feature.tdevs.co/ Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CVE: CVE-2023-4382 Description Allows...
tdevs Hyip Rio 跨站脚本漏洞
tdevs Hyip Rio is an online investment platform from tdevs, Inc. A cross-site scripting vulnerability exists in tdevs Hyip Rio version 2.1, which stems from a cross-site scripting XSS vulnerability in the parameter avatar in file /user/settings...
Hyip Rio 2.1 Cross Site Scripting / File Upload
Exploit Title: Hyip Rio 2.1 - Arbitrary File Upload Exploit Author: CraCkEr Date: 30/07/2023 Vendor: tdevs Vendor Homepage: https://tdevs.co/ Software Link: https://hyiprio-feature.tdevs.co/ Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CVE: CVE-2023-4382...