29 matches found
CVE-2022-31456
A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name parameter...
EUVD-2018-8167
Malware in sbrugna...
EUVD-2015-6892
Malware in sbrugna...
EUVD-2022-52920
Malicious code in bioql PyPI...
CVE-2015-6960
edx-platform before 2015-09-17 allows XSS via a team name...
GZ::CTF Security Vulnerability
GZ::CTF is an open source CTF platform based on ASP.NET Core by GZTime Individual Developers. A security vulnerability exists in GZ::CTF versions prior to 0.20.1, which originates from a cross-site scripting attack that can be performed by an unprivileged user on other users by constructing a...
PT-2024-21643 · Unknown · Hoppscotch
Name of the Vulnerable Software and Affected Versions: Hoppscotch versions prior to 2023.12.6 Description: Hoppscotch is an API development ecosystem. Due to the lack of validation for fields like Label Edit Team - TeamName, bad actors can send emails with spoofed content as Hoppscotch. Part of t...
CVE-2023-36941
A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and member fields...
Online Fire Reporting System Cross-Site Scripting Vulnerability
Online Fire Reporting System is an online fire reporting system by Carlo Montero, an individual developer. A security vulnerability exists in Online Fire Reporting System version 1.2, which is caused by a cross-site scripting (XSS) vulnerability in several fields, including team name. The...
PT-2023-25747 · Unknown · Phpgurukul Online Fire Reporting System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Fire Reporting System Using PHP and MySQL version 1.2 Description: A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and...
PT-2023-13039 · Trudesk · Trudesk
Name of the Vulnerable Software and Affected Versions: Truedesk version 1.2.2 Description: A cross-site scripting issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name parameter. Recommendations: For Truedesk version 1.2.2, avoid using t...
Trudesk Cross-Site Scripting Vulnerability
Trudesk is an open source helpdesk/ticketing solution from Trudesk, Inc. A security vulnerability exists in Trudesk version 1.2.2, which stems from a cross-site scripting (XSS) vulnerability in the parameter team name. An attacker can exploit this vulnerability to execute arbitrary web script or HT...
Concourse Security Vulnerability
Concourse is an automated system written in Go by Concourse Open Source. A security vulnerability exists in Concourse versions prior to 7.x.y through 7.8.3 and versions prior to 6.x.y through 6.7.9, which stems from the ability of its users to send a request with a request body...
CVE-2022-1030
Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has access, can execute...
PT-2022-13603 · Okta · Okta Advanced Server Access Client
Name of the Vulnerable Software and Affected Versions: Okta Advanced Server Access Client for Linux and macOS versions prior to 1.58.0 Description: The issue allows for command injection via a specially crafted URL. An attacker with knowledge of a valid team name for the victim and a valid target...