30 matches found
CVE-2022-31456
A cross-site scripting XSS vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name parameter...
EUVD-2015-6892
Malware in sbrugna...
EUVD-2018-8167
Malware in sbrugna...
EUVD-2022-52920
Malicious code in bioql PyPI...
CVE-2015-6960
edx-platform before 2015-09-17 allows XSS via a team name...
GZ::CTF 安全漏洞
GZ::CTF is an open source CTF platform based on ASP.NET Core by GZTime Individual Developers. A security vulnerability exists in GZ::CTF versions prior to 0.20.1, which originates from a cross-site scripting attack that can be performed by an unprivileged user on other users by constructing a...
PT-2024-21643 · Unknown · Hoppscotch
Name of the Vulnerable Software and Affected Versions: Hoppscotch versions prior to 2023.12.6 Description: Hoppscotch is an API development ecosystem. Due to the lack of validation for fields like Label Edit Team - TeamName, bad actors can send emails with spoofed content as Hoppscotch. Part of t...
CVE-2023-36941
A cross-site scripting XSS vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and member fields...
CVE-2023-36941
A cross-site scripting XSS vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and member fields...
PT-2023-25747 · Unknown · Phpgurukul Online Fire Reporting System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Fire Reporting System Using PHP and MySQL version 1.2 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and...
Online Fire Reporting System 跨站脚本漏洞
Online Fire Reporting System is an online fire reporting system by Carlo Montero, an individual developer. A security vulnerability exists in Online Fire Reporting System version 1.2, which is caused by a cross-site scripting XSS vulnerability in several fields, including team name. The...
CVE-2022-31456
A cross-site scripting XSS vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name parameter...
CVE-2022-31456
A cross-site scripting XSS vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name parameter...
CVE-2022-31456
A cross-site scripting XSS vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name parameter...
Trudesk 跨站脚本漏洞
Trudesk is an open source helpdesk/ticketing solution from Trudesk, Inc. A security vulnerability exists in Trudesk version 1.2.2, which stems from a cross-site scripting XSS vulnerability in the parameter team name. An attacker can exploit this vulnerability to execute arbitrary web script or HT...
CVE-2022-31456
A cross-site scripting XSS vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name parameter...
PT-2023-13039 · Trudesk · Trudesk
Name of the Vulnerable Software and Affected Versions: Truedesk version 1.2.2 Description: A cross-site scripting issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name parameter. Recommendations: For Truedesk version 1.2.2, avoid using t...
Concourse 安全漏洞
Concourse is an automated system written in Go by Concourse Open Source. A security vulnerability exists in Concourse versions prior to 7.x.y through 7.8.3 and versions prior to 6.x.y through 6.7.9, which stems from the ability of its users to send a request with a request body...
CVE-2022-1030
Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has access, can execute...
CVE-2022-1030
Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has access, can execute...