14 matches found

RedhatCVE
added 2026/01/09 10:40 a.m. · 6 views

CVE-2022-35224

SAP Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability. This attack can be used to non-permanently deface or modify portal content. The execution of script content by a...

CVSS 6.1 · AI score 6 · EPSS 0.00557
Exploits 0 · References 1
EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2008-4225

Malware in sbrugna...

CVSS 6.8 · AI score 6 · EPSS 0.03385
Exploits 1 · References 15
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-38116

Malicious code in bioql PyPI...

CVSS 6.1 · AI score 6.3 · EPSS 0.00557
Exploits 0 · References 2
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-29995

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 7.4 · EPSS 0.0014
Exploits 0 · References 1
NVD
added 2024/10/08 4:15 a.m. · 14 views

CVE-2024-47594

SAP NetWeaver Enterprise Portal KMC does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability in KMC servlet. An attacker could craft a script and trick the user into clicking it. When a victim who is registered on the portal clicks on such link,...

CVSS 5.4 · EPSS 0.00614
Exploits 0 · References 2
CVE
added 2024/10/08 3:21 a.m. · 46 views

CVE-2024-47594

SAP NetWeaver Enterprise Portal (KMC) is affected by a Cross-Site Scripting vulnerability arising from insufficient encoding of user-controlled inputs in the KMC servlet. The PT-2024-7175 entry specifies affected software: SAP NetWeaver Enterprise Portal (KMC) versions 7.5, enabling remote attack...

CVSS 5.4 · AI score 5.3 · EPSS 0.00614
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2024/10/08 3:21 a.m. · 17 views

CVE-2024-47594 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal (KMC)

SAP NetWeaver Enterprise Portal KMC does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability in KMC servlet. An attacker could craft a script and trick the user into clicking it. When a victim who is registered on the portal clicks on such link,...

CVSS 5.4 · EPSS 0.00614
Exploits 0 · References 2
Positive Technologies
added 2024/10/07 12:0 a.m. · 2 views

PT-2024-7175 · Sap · Sap Netweaver Enterprise Portal

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Enterprise Portal KMC versions 7.5
Description: The issue is related to insufficient encoding of user-controlled inputs, resulting in a Cross-Site Scripting problem in the KMC servlet. This could allow an attacker to craft a...

CVSS 5.5 · AI score 6.2 · EPSS 0.00614
Exploits 0 · References 9
IBM Security Bulletins
added 2023/02/14 9:4 p.m. · 32 views

Security Bulletin: IBM CICS TX Advanced is vulnerable to allowing access to a user's web browser session due to insufficiently protected credentials (CVE-2022-34311).

Summary: IBM CICS TX Advanced could allow access to a user's web browser session due to insufficiently protected credentials. The fix removes this vulnerability CVE-2022-34311 from IBM CICS TX Advanced.
Vulnerability Details: CVEID: CVE-2022-34311 DESCRIPTION: IBM CICS TX could allow a user with...

CVSS 4.3 · AI score 4.3 · EPSS 0.00034
Exploits 0 · Affected Software 1
Prion
added 2022/09/13 4:15 p.m. · 11 views

Cross site scripting

SAP NetWeaver Enterprise Portal KMC - version 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability. KMC servlet is vulnerable to XSS attack. The execution of script content by a victim registered on the portal could compromise the...

CVSS 5.8 · AI score 5.9 · EPSS 0.00538
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2022/09/13 3:43 p.m. · 18 views

CVE-2022-35298

SAP NetWeaver Enterprise Portal KMC - version 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability. KMC servlet is vulnerable to XSS attack. The execution of script content by a victim registered on the portal could compromise the...

AI score 6.1 · EPSS 0.00538
Exploits 0 · References 2
Vulnrichment
added 2022/03/08 12:0 a.m. · 6 views

CVE-2022-25311

A vulnerability has been identified in SINEC NMS All versions = V1.0.3 V2.0, SINEC NMS All versions V1.0.3, SINEMA Server V14 All versions. The affected software do not properly check privileges between users during the same web browser session, creating an unintended sphere of control. This coul...

CVSS 7.3 · AI score 6.9 · EPSS 0.0014
Exploits 0 · References 1
CVE
added 2022/03/08 12:0 a.m. · 90 views

CVE-2022-25311

The CVE-2022-25311 issue is an improper privilege management flaw in Siemens SINEC NMS (versions around 1.0.3 and SINEMA Server V14) where privileges are not correctly checked between users within the same browser session, enabling an authenticated low-privilege user to escalate privileges. Connec...

CVSS 8.8 · AI score 6.7 · EPSS 0.0014
Exploits 0 · References 1 · Affected Software 2
Cvelist
added 2022/03/08 12:0 a.m. · 12 views

CVE-2022-25311

A vulnerability has been identified in SINEC NMS All versions = V1.0.3 V2.0, SINEC NMS All versions V1.0.3, SINEMA Server V14 All versions. The affected software do not properly check privileges between users during the same web browser session, creating an unintended sphere of control. This coul...

CVSS 7.3 · AI score 7.1 · EPSS 0.0014
Exploits 0 · References 1