VYPR

Badaso

by Badaso

CVEs (4)

  • CVE-2023-38971MedAug 29, 2023
    risk 0.35cvss 5.4epss 0.01

    Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the rack number parameter in the add new rack function.

  • CVE-2023-38969MedAug 28, 2023
    risk 0.35cvss 5.4epss 0.01

    Cross Site Scripting vulnerabiltiy in Badaso v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the title parameter in the new book and edit book function.

  • CVE-2023-38974MedAug 25, 2023
    risk 0.35cvss 5.4epss 0.00

    A stored cross-site scripting (XSS) vulnerability in the Edit Category function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.

  • CVE-2023-38973MedAug 25, 2023
    risk 0.35cvss 5.4epss 0.00

    A stored cross-site scripting (XSS) vulnerability in the Add Tag function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.