Irina Belyaeva

3 exploits Active since Jan 2021
CVE-2021-3131 NOMISEC HIGH WRITEUP
1C:Enterprise 8 < 8.3.17.1851 - Inadequate Encryption Strength via Base64 Credential Exposure
The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter.
1 stars
CVSS 7.5
CVE-2021-3395 NOMISEC MEDIUM WRITEUP
Pryaniki 6.44.3 - Authenticated Stored Cross-Site Scripting via File Upload
A cross-site scripting (XSS) vulnerability in Pryaniki 6.44.3 allows remote authenticated users to upload an arbitrary file. The JavaScript code will execute when someone visits the attachment.
1 stars
CVSS 5.4
CVE-2021-3395 WRITEUP MEDIUM WRITEUP
Pryaniki 6.44.3 - Authenticated Stored Cross-Site Scripting via File Upload
A cross-site scripting (XSS) vulnerability in Pryaniki 6.44.3 allows remote authenticated users to upload an arbitrary file. The JavaScript code will execute when someone visits the attachment.
CVSS 5.4