Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/04/16 2:39 p.m.13 views

CVE-2024-13597

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS Cross-site Scripting attacks. An attacker might trick a user into filling a form sent to login panel at /softcom/ with a malicious script, what causes the script to run in user's context. This vulnerability ha...

5.1CVSS5.4AI score0.00362EPSS
Exploits0References1
OSV
OSV
added 2025/04/14 12:15 p.m.3 views

CVE-2024-49705

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to client-side Denial of Servise DoS attacks. An attacker might trick a user into using an URL with a d parameter set to an unhandled value. All the subsequent requests will not be accepted as the server returns an error...

6.5CVSS5.7AI score0.00286EPSS
Exploits0References2
OSV
OSV
added 2025/04/14 12:15 p.m.2 views

CVE-2024-49707

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS Cross-site Scripting attacks. An attacker might trick a user into filling a form designed for resetting user's password with a malicious script, what causes the script to run in user's context. This...

6.1CVSS5.7AI score0.0021EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/14 12:5 p.m.8 views

CVE-2024-49706 XSS in iKSORIS

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0...

5.1CVSS6.5AI score0.00294EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/14 12:5 p.m.20 views

CVE-2024-49706 XSS in iKSORIS

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0...

5.1CVSS0.00294EPSS
Exploits0References2
CVE
CVE
added 2025/04/14 12:3 p.m.78 views

CVE-2024-10089

Technical details about CVE-2024-10089 are not publicly available in the provided documents. No specifics on affected components, root cause, exploit info, or fixes beyond the brief description are provided.

5.4CVSS5.6AI score0.00198EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/04/14 12:3 p.m.66 views

CVE-2024-10088

CVE-2024-10088 affects the Internet Starter module of SoftCOM iKSORIS. It is vulnerable to a Reflected XSS attack where a user is tricked into submitting a login form containing a malicious script, causing the script to run in the user’s browser context. The vulnerability is patched in version 79...

6.1CVSS5.7AI score0.00214EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/10/23 12:0 a.m.4 views

International Color Consortium DemoIccMAX Buffer Error Vulnerability

DemoIccMAX is International Color Consortium open source a iccMAX color profile demo implementation. A security vulnerability exists in International Color Consortium DemoIccMAX version 79ecb74, which stems from an out-of-bounds read vulnerability in function CIccPRMG::GetChroma...

8.8CVSS6.8AI score0.00535EPSS
Exploits1References2
Rows per page
Query Builder