8 matches found
EUVD-2022-7329
Malicious code in bioql PyPI...
Cross site scripting
Cross Site Scripting vulnerability in wger Project wger Workout Manager v.2.2.0a3 allows a remote attacker to gain privileges via the licenseauthor field in the add-ingredient function in the templates/ingredients/view.html, models/ingredients.py, and views/ingredients.py components...
Reflected Cross site scripting (XSS) in kairosdb
KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a '"sampling":"value":"' substring...
GHSA-FJHH-67WV-7GR4 Reflected Cross site scripting (XSS) in kairosdb
KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a '"sampling":"value":"' substring...
CVE-2019-19040
KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a '"sampling":"value":"' substring...
Cross site scripting
KairosDB through 1.2.2 has XSS in view.html because of showErrorMessage in js/graph.js, as demonstrated by view.html?q= with a '"sampling":"value":"' substring...
CVE-2019-19040
KairosDB up to 1.2.2 contains an XSS in view.html via showErrorMessage in js/graph.js, demonstrated with a payload like '"sampling":{"value":"[removed]'". This CVE (CVE-2019-19040) is corroborated across multiple sources (NVD, Red Hat, GHSA/OSV, CNVD, etc.). Exploitation status and con...
blacksingles.txt
Blacksingles.com Homepage: http://www.blacksingles.com Affected files Profile input boxes Add a friend input box. list.html view.html reply.html compose.html ------------------------------------------------- XSS vuln with cookie disclosure via the Location box. User data isn't sanitized before...