17 matches found
EUVD-2020-18838
Malware in sbrugna...
EUVD-2020-18840
Malware in sbrugna...
CVE-2020-26218
touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting. The vulnerability allows an attacker to inject HTML payloads which could result in defacement, user redirection to a malicious webpage/website etc. The issue is patched in version 2.0...
CVE-2020-26221
touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting XSS. The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user's cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser...
Puncsky Touchbase.ai Input Validation Error Vulnerability
Puncsky Touchbase.ai is a web platform for interpersonal relationships by Puncsky Individual Developers. Versions of touchbase.ai prior to 2.0 contain an input validation error vulnerability that can be exploited by attackers to compromise a website, and in some cases even lead to XSS attacks...
CVE-2020-26221
touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting XSS. The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user's cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser...
Cross site scripting
touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting XSS. The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user's cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser...
CVE-2020-26221 Stored Cross Site Scripting in touchbase.ai
touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting XSS. The vulnerability allows an attacker to send malicious JavaScript code which could result in hijacking of the user's cookie/session tokens, redirecting the user to a malicious webpage and performing unintended browser...
CVE-2020-26221
The CVE-2020-26221 entry concerns touchbase.ai before version 2.0, where a Cross-Site Scripting (XSS) vulnerability exists in the affected web application. The flaw allows an attacker to inject JavaScript that can hijack a user’s cookie/session tokens, redirect users to malicious pages, or cause ...
CVE-2020-26220 Information exposure in touchbase.ai
toucbase.ai before version 2.0 leaks information by not stripping exif data from images. Anyone with access to the uploaded image of other users could obtain its geolocation, device, and software version data etc if present. The issue is fixed in version 2.0...
CVE-2020-26219
touchbase.ai before version 2.0 is vulnerable to Open Redirect. Impacts can be many, and vary from theft of information and credentials, to the redirection to malicious websites containing attacker-controlled content, which in some cases even cause XSS attacks. So even though an open redirection...
CVE-2020-26218
touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting. The vulnerability allows an attacker to inject HTML payloads which could result in defacement, user redirection to a malicious webpage/website etc. The issue is patched in version 2.0...
Cross site scripting
touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting. The vulnerability allows an attacker to inject HTML payloads which could result in defacement, user redirection to a malicious webpage/website etc. The issue is patched in version 2.0...
Open redirect
touchbase.ai before version 2.0 is vulnerable to Open Redirect. Impacts can be many, and vary from theft of information and credentials, to the redirection to malicious websites containing attacker-controlled content, which in some cases even cause XSS attacks. So even though an open redirection...
CVE-2020-26219 Open Redirect in touchbase.ai
touchbase.ai before version 2.0 is vulnerable to Open Redirect. Impacts can be many, and vary from theft of information and credentials, to the redirection to malicious websites containing attacker-controlled content, which in some cases even cause XSS attacks. So even though an open redirection...
CVE-2020-26219
Touchbase.ai prior to version 2.0 is affected by an Open Redirect vulnerability. The issue allows redirection to attacker-controlled content and can lead to information/credential theft and, in some cases, cross-site scripting. The advisory notes the vulnerability is fixed in version 2.0. Remedia...
CVE-2020-26218
CVE-2020-26218 affects touchbase.ai prior to version 2.0 and is a Cross-Site Scripting vulnerability that lets attackers inject HTML payloads, potentially causing defacement and user redirection to malicious pages. The issue is mitigated by upgrading to version 2.0, which patches the vulnerabilit...