Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-32539

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.02505EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 6:53 p.m.10 views

CVE-2021-45821

A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistoryChatData.php file that is accessible by a registered user. As a result, a malicious user can extract sensitive data such as usernames and passwords and in some cases use this vulnerability in order...

8.8CVSS8.5AI score0.02505EPSS
Exploits1
OSV
OSV
added 2022/03/16 4:15 p.m.3 views

CVE-2021-45822

A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the "n" POST parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code...

6.1CVSS5.8AI score0.01039EPSS
Exploits1References3
NVD
NVD
added 2022/03/16 4:15 p.m.35 views

CVE-2021-45822

A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the "n" POST parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code...

6.1CVSS0.01039EPSS
Exploits1References3
Prion
Prion
added 2022/03/16 4:15 p.m.17 views

Cross site scripting

A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the "n" POST parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code...

4.3CVSS5.8AI score0.01039EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2022/03/16 3:26 p.m.94 views

CVE-2021-45822

CVE-2021-45822 describes a stored XSS in Xbtit 3.1 where the request to /ajaxchat/sendChatData.php does not properly validate the n (POST) parameter. This vulnerability allows an attacker to inject and execute malicious JavaScript code, per multiple connected sources (e.g., NVD/Red Hat/CNVD varia...

6.1CVSS5.8AI score0.01039EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/03/16 3:26 p.m.33 views

CVE-2021-45822

A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the "n" POST parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code...

6AI score0.01039EPSS
Exploits1References3
NVD
NVD
added 2022/03/16 3:15 p.m.20 views

CVE-2021-45821

A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistoryChatData.php file that is accessible by a registered user. As a result, a malicious user can extract sensitive data such as usernames and passwords and in some cases use this vulnerability in order...

8.8CVSS0.02505EPSS
Exploits1References3
OSV
OSV
added 2022/03/16 3:15 p.m.5 views

CVE-2021-45821

A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistoryChatData.php file that is accessible by a registered user. As a result, a malicious user can extract sensitive data such as usernames and passwords and in some cases use this vulnerability in order...

8.8CVSS6.4AI score0.02505EPSS
Exploits1References3
Prion
Prion
added 2022/03/16 3:15 p.m.16 views

Sql injection

A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistoryChatData.php file that is accessible by a registered user. As a result, a malicious user can extract sensitive data such as usernames and passwords and in some cases use this vulnerability in order...

6.5CVSS9AI score0.02505EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/03/16 3:1 p.m.27 views

CVE-2021-45821

A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat/getHistoryChatData.php file that is accessible by a registered user. As a result, a malicious user can extract sensitive data such as usernames and passwords and in some cases use this vulnerability in order...

9.2AI score0.02505EPSS
Exploits1References3
CVE
CVE
added 2022/03/16 3:1 p.m.93 views

CVE-2021-45821

Xbtit 3.1 is affected by a blind SQL injection in the sid parameter of ajaxchat/getHistoryChatData.php, exploitable by registered users. The vulnerability arises from a missing filter/escape for SQL statements, enabling extraction of sensitive data (e.g., usernames and passwords) and, in some cas...

8.8CVSS9AI score0.02505EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder