返回 CVE 瀏覽器

CVE-2018-11090

MEDIUM

6.1

CVSS Severity Score

EPSS Score0.1490%

EPSS Percentile19.80th

Published2018年5月14日

Last Modified2024年11月21日

Vulnerability Description

An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This vulnerability within "ProxyPage.aspx" allows an attacker to inject malicious client side scripting which will be executed in the browser of users if they visit the manipulated site.

Affected Platforms (CPE)

📦

Mybiz

Myprocurenet

= 5.0.0

References & Advisories

🔗 http://seclists.org/fulldisclosure/2018/May/32

🔗 https://www.sec-consult.com/en/blog/advisories/arbitrary-file-upload-cross-site-scripting-in-mybiz-myprocurenet/

🔗 http://seclists.org/fulldisclosure/2018/May/32

🔗 https://www.sec-consult.com/en/blog/advisories/arbitrary-file-upload-cross-site-scripting-in-mybiz-myprocurenet/

相關漏洞威脅

CVE-2018-110919.9

An issue was discovered in MyBiz MyProcureNet 5.0.0. A malicious file can be uploaded to the webserver by an attacker. It is possi...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...