anh91/uasoft-indonesia--badaso

anh91/uasoft-indonesia--badaso

Releases0

Stars1

XSS

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-38970 ↗	Aug 30, 2023Wednesday, 30 August 2023, 22:15	5.4 MEDIUM	—
Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the Name of member parameter in the add new member function.
CVE-2023-38971 ↗	Aug 29, 2023Tuesday, 29 August 2023, 22:15	5.4 MEDIUM	—
Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the rack number parameter in the add new rack function.
CVE-2023-38969 ↗	Aug 28, 2023Monday, 28 August 2023, 21:15	5.4 MEDIUM	—
Cross Site Scripting vulnerabiltiy in Badaso v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the title parameter in the new book and edit book function.
CVE-2023-38973 ↗	Aug 25, 2023Friday, 25 August 2023, 01:15	5.4 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in the Add Tag function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.
CVE-2023-38974 ↗	Aug 25, 2023Friday, 25 August 2023, 01:15	5.4 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in the Edit Category function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.