Lucene search
K

5 matches found

CNVD
CNVD
added 2020/11/19 12:0 a.m.2 views

Puncsky Touchbase.ai cross-site scripting vulnerability (CNVD-2020-66598)

Puncsky Touchbase.ai is a web platform for interpersonal relationships by Puncsky Individual Developers. A cross-site scripting vulnerability exists in versions prior to touchbase.ai 2.0, which can be exploited by an attacker to send malicious JavaScript code that hijacks a user's cookie session...

8CVSS6.3AI score0.00611EPSS
Exploits0References1
CNVD
CNVD
added 2020/11/17 12:0 a.m.1 views

Puncsky Touchbase.ai Cross-Site Scripting Vulnerability

Puncsky Touchbase.ai is a web platform for interpersonal relationships by Puncsky Individual Developers. A cross-site scripting vulnerability exists in versions prior to touchbase.ai 2.0, which can be exploited by an attacker to inject an HTML payload, resulting in damage, user redirection to a...

8CVSS6.1AI score0.01912EPSS
Exploits0References1
CNVD
CNVD
added 2020/11/17 12:0 a.m.5 views

Puncsky Touchbase.ai Information Disclosure Vulnerability

Puncsky Touchbase.ai is a web platform for interpersonal relationships by Puncsky Individual Developers. A security vulnerability exists in versions prior to touchbase.ai 2.0, which stems from a failure to strip exif data from an image, thus leaking information. Anyone with access to an image...

3.5CVSS6.8AI score0.00744EPSS
Exploits0References1
OSV
OSV
added 2020/11/11 10:15 p.m.2 views

CVE-2020-26219

touchbase.ai before version 2.0 is vulnerable to Open Redirect. Impacts can be many, and vary from theft of information and credentials, to the redirection to malicious websites containing attacker-controlled content, which in some cases even cause XSS attacks. So even though an open redirection...

6.1CVSS6.3AI score0.00608EPSS
Exploits0References1
OSV
OSV
added 2020/11/11 10:15 p.m.4 views

CVE-2020-26218

touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting. The vulnerability allows an attacker to inject HTML payloads which could result in defacement, user redirection to a malicious webpage/website etc. The issue is patched in version 2.0...

6.1CVSS6.4AI score
Exploits0References1
Rows per page
Query Builder