Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-2098

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.01892EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2022/05/17 4:17 a.m.20 views

ZF-Commons ZfcUser Vulnerable to XSS in Login Redirect

Cross-site scripting XSS vulnerability in user/login.phtml in ZF-Commons ZfcUser before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

4.3CVSS5.9AI score0.01892EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2022/05/17 4:17 a.m.10 views

GHSA-33RH-5HVF-5JJP ZF-Commons ZfcUser Vulnerable to XSS in Login Redirect

Cross-site scripting XSS vulnerability in user/login.phtml in ZF-Commons ZfcUser before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

5.3CVSS5.5AI score0.01892EPSS
Exploits1References7
NVD
NVD
added 2015/01/15 3:59 p.m.17 views

CVE-2015-1039

Cross-site scripting XSS vulnerability in user/login.phtml in ZF-Commons ZfcUser before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

4.3CVSS5.6AI score0.01892EPSS
Exploits1References4
Prion
Prion
added 2015/01/15 3:59 p.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in user/login.phtml in ZF-Commons ZfcUser before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

4.3CVSS6.1AI score0.01892EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2015/01/15 3:0 p.m.22 views

CVE-2015-1039

Cross-site scripting XSS vulnerability in user/login.phtml in ZF-Commons ZfcUser before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter...

5.6AI score0.01892EPSS
Exploits1References4
CVE
CVE
added 2015/01/15 3:0 p.m.41 views

CVE-2015-1039

CVE-2015-1039 affects ZF-Commons ZfcUser before 1.2.2, in which the login redirect parameter (redirect) is vulnerable to XSS via user/login.phtml. The root cause is missing escaping of the URL parameter, allowing an attacker to inject arbitrary script/HTML. Public references (GHSA/FriendsofPHP ad...

4.3CVSS5.7AI score0.01892EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder