CyberSec.Space Logo
Back to CVE Browser

CVE-2018-11090

MEDIUM
6.1
CVSS Severity Score
EPSS Score0.1490%
EPSS Percentile19.80th
PublishedMay 14, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This vulnerability within "ProxyPage.aspx" allows an attacker to inject malicious client side scripting which will be executed in the browser of users if they visit the manipulated site.

Affected Platforms (CPE)

πŸ“¦
Mybiz

Myprocurenet

= 5.0.0

References & Advisories

πŸ”— http://seclists.org/fulldisclosure/2018/May/32
πŸ”— https://www.sec-consult.com/en/blog/advisories/arbitrary-file-upload-cross-site-scripting-in-mybiz-myprocurenet/
πŸ”— http://seclists.org/fulldisclosure/2018/May/32
πŸ”— https://www.sec-consult.com/en/blog/advisories/arbitrary-file-upload-cross-site-scripting-in-mybiz-myprocurenet/

Related Vulnerabilities

CVE-2018-110919.9

An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the webserver by an attacker. It is possi...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...