Badaso
by Badaso
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-38971 | Med | 0.35 | 5.4 | 0.01 | Aug 29, 2023 | Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the rack number parameter in the add new rack function. | ||
| CVE-2023-38969 | Med | 0.35 | 5.4 | 0.01 | Aug 28, 2023 | Cross Site Scripting vulnerabiltiy in Badaso v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the title parameter in the new book and edit book function. | ||
| CVE-2023-38974 | Med | 0.35 | 5.4 | 0.00 | Aug 25, 2023 | A stored cross-site scripting (XSS) vulnerability in the Edit Category function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter. | ||
| CVE-2023-38973 | Med | 0.35 | 5.4 | 0.00 | Aug 25, 2023 | A stored cross-site scripting (XSS) vulnerability in the Add Tag function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter. |
- risk 0.35cvss 5.4epss 0.01
Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the rack number parameter in the add new rack function.
- risk 0.35cvss 5.4epss 0.01
Cross Site Scripting vulnerabiltiy in Badaso v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the title parameter in the new book and edit book function.
- risk 0.35cvss 5.4epss 0.00
A stored cross-site scripting (XSS) vulnerability in the Edit Category function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.
- risk 0.35cvss 5.4epss 0.00
A stored cross-site scripting (XSS) vulnerability in the Add Tag function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.