Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:28 a.m.7 views

CVE-2024-6942

A vulnerability, which was classified as problematic, was found in ThinkSAAS 3.7.0. Affected is an unknown function of the file app/system/action/anti.php of the component Admin Panel Security Center. The manipulation of the argument ip/email/phone leads to cross site scripting. It is possible to...

5.4CVSS5.2AI score0.0043EPSS
Exploits1References1
NVD
NVD
added 2024/07/21 7:15 a.m.11 views

CVE-2024-6942

A vulnerability, which was classified as problematic, was found in ThinkSAAS 3.7.0. Affected is an unknown function of the file app/system/action/anti.php of the component Admin Panel Security Center. The manipulation of the argument ip/email/phone leads to cross site scripting. It is possible to...

5.4CVSS0.0043EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/07/21 6:31 a.m.18 views

CVE-2024-6942 ThinkSAAS Admin Panel Security Center anti.php cross site scripting

A vulnerability, which was classified as problematic, was found in ThinkSAAS 3.7.0. Affected is an unknown function of the file app/system/action/anti.php of the component Admin Panel Security Center. The manipulation of the argument ip/email/phone leads to cross site scripting. It is possible to...

5.3CVSS0.0043EPSS
Exploits1References4
CVE
CVE
added 2024/07/21 6:31 a.m.41 views

CVE-2024-6942

ThinkSAAS 3.7.0 Admin Panel Security Center contains a cross-site scripting flaw in file app/system/action/anti.php. Manipulating ip, email, or phone arguments can be exploited remotely; exploit has been disclosed publicly. Multiple connected sources confirm affected software and component. Pract...

5.4CVSS3.7AI score0.0043EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/07/21 6:0 a.m.23 views

CVE-2024-6941 ThinkSAAS do.php cross site scripting

A vulnerability, which was classified as problematic, has been found in ThinkSAAS 3.7.0. This issue affects some unknown processing of the file app/system/action/do.php. The manipulation of the argument sitetitle/sitesubtitle/sitekey/sitedesc/siteurl/siteemail/siteicp leads to cross site scriptin...

5.3CVSS0.00439EPSS
Exploits1References4
CVE
CVE
added 2024/07/21 6:0 a.m.50 views

CVE-2024-6941

ThinkSAAS 3.7.0 is affected by a cross-site scripting vulnerability in the processing of app/system/action/do.php. The issue arises from manipulating arguments site_title, site_subtitle, site_key, site_desc, site_url, site_email, and site_icp, enabling potential remote exploitation. The PT-Securi...

5.4CVSS3.8AI score0.00439EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder