Lucene search
+L
PixelineBugs

4 matches found

CVE
CVE
added 2021/10/01 3:42 p.m.49 views

CVE-2021-40922

CVE-2021-40922 is a cross-site scripting (XSS) vulnerability affecting the open source defect-tracking system Bugs/Tinyissue in versions 1.8 and earlier, exploitable via the last_name parameter in install/index.php . The root cause is improper input handling in that endpoint, enabling remote atta...

6.1CVSS6.1AI score0.00818EPSS
Web
CVE
CVE
added 2021/10/01 3:42 p.m.45 views

CVE-2021-40923

The CVE-2021-40923 entry describes a Cross-site Scripting (XSS) vulnerability in the Bugs open-source defect tracking system, specifically install/index.php for Bugs 1.8 and earlier. The issue arises from the email parameter, allowing remote attackers to inject arbitrary web script or HTML. Conne...

6.1CVSS6.1AI score0.00818EPSS
Web
CVE
CVE
added 2021/10/01 3:42 p.m.45 views

CVE-2021-40924

CVE-2021-40924 documents a cross-site scripting (XSS) vulnerability in the Bugs/Tinyissue project. The issue affects install/index.php for bugs versions 1.8 and earlier, where the first_name parameter can be abused to inject arbitrary web script or HTML. The connected sources consistently describ...

6.1CVSS6.1AI score0.00818EPSS
Web
CVE
CVE
added 2019/02/22 6:0 a.m.43 views

CVE-2019-9002

The CVE-2019-9002 entry describes a code execution vulnerability in Tiny Issue 1.3.1 and pixeline Bugs up to 1.3.2c. The install/config-setup.php file permits remote attackers to execute arbitrary PHP code via the database_host parameter if the installer remains in the original directory after in...

9.8CVSS9.8AI score0.02422EPSS
Web