14 matches found
EUVD-2024-46628
Malicious code in bioql PyPI...
EUVD-2024-46627
Malicious code in bioql PyPI...
CVE-2024-5406
A vulnerability had been discovered in WinNMP 19.02 consisting of an XSS attack via index page in from, subject, text and hash parameters. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their session details...
CVE-2024-5406
A vulnerability had been discovered in WinNMP 19.02 consisting of an XSS attack via index page in from, subject, text and hash parameters. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their session details...
CVE-2024-5405
A vulnerability had been discovered in WinNMP 19.02 consisting of an XSS attack via /tools/redis.php page in the k, hash, key and p parameters. This vulnerability could allow a remote user to submit a specially crafted JavaScript payload for an authenticated user to retrieve their session details...
CVE-2024-5406 Multiple vulnerabilities in WinNMP from Wtriple
A vulnerability had been discovered in WinNMP 19.02 consisting of an XSS attack via index page in from, subject, text and hash parameters. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their session details...
CVE-2024-5406 Multiple vulnerabilities in WinNMP from Wtriple
A vulnerability had been discovered in WinNMP 19.02 consisting of an XSS attack via index page in from, subject, text and hash parameters. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their session details...
CVE-2024-5406
CVE-2024-5406 affects WinNMP 19.02, where an XSS flaw exists in the index page via the from, subject, text, and hash parameters. A remote attacker could send a specially crafted query to an authenticated user, potentially stealing session details. The NVD entry lists CVSSv3.1: AV:N/AC:L/PR:N/UI:R...
CVE-2024-5405 Multiple vulnerabilities in WinNMP from Wtriple
A vulnerability had been discovered in WinNMP 19.02 consisting of an XSS attack via /tools/redis.php page in the k, hash, key and p parameters. This vulnerability could allow a remote user to submit a specially crafted JavaScript payload for an authenticated user to retrieve their session details...
CVE-2024-5405
WinNMP 19.02 contains an XSS vulnerability exploitable via /tools/redis.php, specifically in the k, hash, key, and p parameters. A remote attacker could inject JavaScript to fetch an authenticated user’s session details. The issue is documented across multiple sources (CVE-2024-5405, RH, NVD, CVE...
CVE-2024-5405 Multiple vulnerabilities in WinNMP from Wtriple
A vulnerability had been discovered in WinNMP 19.02 consisting of an XSS attack via /tools/redis.php page in the k, hash, key and p parameters. This vulnerability could allow a remote user to submit a specially crafted JavaScript payload for an authenticated user to retrieve their session details...
WinNMP 跨站脚本漏洞
WinNMP is a WinNMP package for quickly setting up a development server. A cross-site scripting vulnerability exists in WinNMP version 19.02, which stems from susceptibility to cross-site scripting XSS attacks that could allow an attacker to retrieve session details by submitting a specially craft...
PT-2024-36018 · Winnmp · Winnmp
Name of the Vulnerable Software and Affected Versions: WinNMP version 19.02 Description: A vulnerability has been discovered that allows for an XSS attack via the /tools/redis.php page, specifically in the k, hash, key, and p parameters. This could enable a remote user to submit a specially craft...
PT-2024-36020 · Winnmp · Winnmp
Name of the Vulnerable Software and Affected Versions: WinNMP version 19.02 Description: A vulnerability has been discovered that allows for an XSS attack via the index page, specifically in the from, subject, text, and hash parameters. This could enable a remote user to send a specially crafted...