kac89

3 exploits Active since Jun 2024
CVE-2024-6050 NOMISEC MEDIUM WORKING POC
Sokrates Sowa Opac < 4.9.10 - XSS
Improper Neutralization of Input During Web Page Generation vulnerability in SOKRATES-software SOWA OPAC allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects SOWA OPAC software in versions from 4.0 before 4.9.10, from 5.0 before 6.2.12.
1 stars
CVSS 6.1
CVE-2024-5961 NOMISEC MEDIUM WORKING POC
2ClickPortal <7.6.4 - XSS
Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects 2ClickPortal software versions from 7.2.31 through 7.6.4.
CVE-2024-7124 NOMISEC MEDIUM WORKING POC
DInGO dLibra <6.3.20 - XSS
Improper Neutralization of Input During Web Page Generation vulnerability in DInGO dLibra software in the parameter 'filter' in the endpoint 'indexsearch' allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects DInGO dLibra software in versions from 6.0 before 6.3.20.