14 matches found
CVE-2020-37014
Tryton 5.4 contains a persistent cross-site scripting vulnerability in the user profile name input that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability by inserting script payloads in the name field, which execute in the frontend and backend user...
CVE-2020-37014
Tryton 5.4 contains a persistent cross-site scripting vulnerability in the user profile name input that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability by inserting script payloads in the name field, which execute in the frontend and backend user...
EUVD-2020-30960
Tryton 5.4 contains a persistent cross-site scripting vulnerability in the user profile name input that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability by inserting script payloads in the name field, which execute in the frontend and backend user...
CVE-2020-37014
Tryton 5.4 contains a persistent cross-site scripting vulnerability in the user profile name input that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability by inserting script payloads in the name field, which execute in the frontend and backend user...
CVE-2020-37014 Tryton 5.4 - Persistent Cross-Site Scripting
Tryton 5.4 contains a persistent cross-site scripting vulnerability in the user profile name input that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability by inserting script payloads in the name field, which execute in the frontend and backend user...
CVE-2020-37014
CVE-2020-37014 affects Tryton 5.4. A persistent cross-site scripting (XSS) in the user profile name input allows remote attackers to inject script payloads, which execute in both frontend and backend user interfaces. Documented impact is a frontend/backend XSS; CVSS scores are provided (4.0: base...
PT-2026-5415
Tryton 5.4 contains a persistent cross-site scripting vulnerability in the user profile name input that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability by inserting script payloads in the name field, which execute in the frontend and backend user...
stored XSS Protection bypass by changing the User Profile Name
Hello, I was able to bypass the XSS Vulnerability i reported before by using this Payload. Lets try first a normal XSS Payload which will not work for example - alert'1' - NOT WOKRING : lets try the bypass payload 1'" XSS Payload fired and its stored - let me show you stored XSS : - it is a store...
CVE-2022-26615
A cross-site scripting XSS vulnerability in College Website Content Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User Profile Name text fields...
CVE-2022-26615
A cross-site scripting XSS vulnerability in College Website Content Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User Profile Name text fields...
CVE-2022-26615
A cross-site scripting XSS vulnerability in College Website Content Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User Profile Name text fields...
Cross site scripting
A cross-site scripting XSS vulnerability in College Website Content Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User Profile Name text fields...
College Website Content Management System 跨站脚本漏洞
College Website Content Management System is a college website management system by Carlo Montero, an individual developer. A cross-site scripting vulnerability exists in version 1.0 of the College Website Content Management System, which can be exploited by an attacker to execute arbitrary web...
User Profile name changes from User Name to "My Documents" or "Documents"
Under certain circumstances, the Desktop.ini file may cause the User Profile folder name on the User Store to change from the User Name to "My Documents". If we delete the "desktop.ini" file in the "My Documents" folder, it changes the folder name back to the correct user name...