Lucene search
+L

54 matches found

Prion
Prion
added 2020/11/16 5:15 a.m.15 views

Deserialization of untrusted data

Deserialization of untrusted data vulnerability in XooNIps 3.49 and earlier allows remote attackers to execute arbitrary code via unspecified vectors...

7.5CVSS9.6AI score0.02611EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/11/16 5:15 a.m.14 views

Cross site scripting

Stored cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated attackers to inject arbitrary script via unspecified vectors...

4CVSS5AI score0.00685EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/11/16 5:15 a.m.15 views

Sql injection

SQL injection vulnerability in the XooNIps 3.49 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors...

6.5CVSS8.7AI score0.0114EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/11/16 5:15 a.m.23 views

Cross site scripting

Reflected cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated attackers to inject arbitrary script via unspecified vectors...

3.5CVSS5AI score0.0081EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/11/16 4:15 a.m.47 views

CVE-2020-5664

CVE-2020-5664 affects the XooNIps module for XOOPS (versions 3.49 and earlier). The vulnerability is described as a deserialization of untrusted data that could allow remote attackers to execute arbitrary code via unspecified vectors. Mitigation guidance in the sources is to update the software t...

9.8CVSS9.6AI score0.02611EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/11/16 4:15 a.m.29 views

CVE-2020-5664

Deserialization of untrusted data vulnerability in XooNIps 3.49 and earlier allows remote attackers to execute arbitrary code via unspecified vectors...

9.7AI score0.02611EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/11/16 4:15 a.m.17 views

CVE-2020-5663

Stored cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated attackers to inject arbitrary script via unspecified vectors...

5AI score0.00685EPSS
Exploits0References2
CVE
CVE
added 2020/11/16 4:15 a.m.62 views

CVE-2020-5663

CVE-2020-5663 affects XooNIps 3.49 and earlier. The vulnerability is a stored cross-site scripting issue; a remote authenticated attacker can inject arbitrary scripts via unspecified vectors. Public documents corroborate this vulnerability across multiple sources (NVD, Red Hat, CNVD, JVN). Impact...

5.4CVSS4.9AI score0.00685EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/11/16 4:15 a.m.60 views

CVE-2020-5662

The CVE-2020-5662 case affects the XOOPS module XooNIps: reflected cross-site scripting vulnerabilities exist in version 3.49 and earlier. The root cause involves improper handling of user-supplied data, allowing a remote authenticated attacker to inject script via unspecified vectors, potentiall...

5.4CVSS4.9AI score0.0081EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/11/16 4:15 a.m.19 views

CVE-2020-5659

SQL injection vulnerability in the XooNIps 3.49 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors...

8.8AI score0.0114EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/11/16 4:15 a.m.20 views

CVE-2020-5662

Reflected cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated attackers to inject arbitrary script via unspecified vectors...

5AI score0.0081EPSS
Exploits0References2
CVE
CVE
added 2020/11/16 4:15 a.m.48 views

CVE-2020-5659

CVE-2020-5659 is a SQL injection vulnerability in XooNIps up to version 3.49 and earlier. The vulnerability allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. The root cause is inadequate validation of externally entered SQL statements in database-bas...

8.8CVSS8.6AI score0.0114EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/11/16 12:0 a.m.3 views

XooNIps Untrusted Data Deserialization Vulnerability

XooNIps is a neuroinformatics platform infrastructure system based on XOOPS. An untrusted data deserialization vulnerability exists in XooNIps 3.49 and earlier versions. A remote attacker could exploit this vulnerability to execute arbitrary code...

9.8CVSS7.5AI score0.02611EPSS
Exploits0References1
CNVD
CNVD
added 2020/11/16 12:0 a.m.3 views

XooNIps cross-site scripting vulnerability (CNVD-2020-63979)

XooNIps is a neuroinformatics platform infrastructure system based on XOOPS. A stored cross-site scripting vulnerability exists in XooNIps 3.49 and earlier versions. A remote authenticated attacker can exploit this vulnerability to inject arbitrary scripts...

5.4CVSS6.1AI score0.00685EPSS
Exploits0References1
CNVD
CNVD
added 2020/11/10 12:0 a.m.6 views

XooNIps Cross-Site Scripting Vulnerability (CNVD-2020-63192)

XooNIps is a content management system for the field of neuroscience by the XooNIps team in Japan. A cross-site scripting vulnerability exists in XooNIps version 3.49 and prior versions, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can explo...

5.4CVSS6.4AI score0.0081EPSS
Exploits0References1
CNVD
CNVD
added 2020/11/10 12:0 a.m.3 views

XooNIps SQL Injection Vulnerability

XooNIps is a content management system for the field of neuroscience by the XooNIps team in Japan. A SQL injection vulnerability exists in XooNIps version 3.49 and earlier versions, which stems from a lack of validation of externally entered SQL statements in database-based applications. An...

8.8CVSS8.1AI score0.0114EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2020/11/09 6:10 a.m.5 views

Multiple vulnerabilities in XOOPS module "XooNIps"

Overview XOOPS module "XooNIps" contains multiple vulnerabilities listed below. SQL injection CWE-89 - CVE-2020-5659 Reflected cross-site scripting CWE-79 - CVE-2020-5662 Stored cross-site scripting CWE-79 - CVE-2020-5663 Deserialization of untrusted data CWE-502 - CVE-2020-5664 stypr of Flatt...

9.8CVSS7.1AI score0.02611EPSS
Exploits0References14
NVD
NVD
added 2020/08/28 5:15 a.m.17 views

CVE-2020-5624

SQL injection vulnerability in the XooNIps 3.48 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

9.8CVSS9.9AI score0.01405EPSS
Exploits0References3
NVD
NVD
added 2020/08/28 5:15 a.m.18 views

CVE-2020-5625

Cross-site scripting vulnerability in XooNIps 3.48 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors...

6.1CVSS6.2AI score0.0103EPSS
Exploits0References3
OSV
OSV
added 2020/08/28 5:15 a.m.4 views

CVE-2020-5625

Cross-site scripting vulnerability in XooNIps 3.48 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors...

6.1CVSS6.8AI score0.0103EPSS
Exploits0References3
Rows per page
Query Builder