CVE-2024-30886
- EPSS 0.09%
- Veröffentlicht 23.04.2024 22:15:07
- Zuletzt bearbeitet 21.05.2025 18:07:55
A stored cross-site scripting (XSS) vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter.
CVE-2024-30885
- EPSS 0.34%
- Veröffentlicht 11.04.2024 05:15:47
- Zuletzt bearbeitet 21.05.2025 18:08:13
Reflected Cross-Site Scripting (XSS) vulnerability in HadSky v7.6.3, allows remote attackers to execute arbitrary code and obtain sensitive information via the chklogin.php component .
CVE-2023-46428
- EPSS 0.17%
- Veröffentlicht 01.11.2023 21:15:08
- Zuletzt bearbeitet 21.11.2024 08:28:30
An arbitrary file upload vulnerability in HadSky v7.12.10 allows attackers to execute arbitrary code via a crafted file.
CVE-2023-3579
- EPSS 0.18%
- Veröffentlicht 10.07.2023 16:15:56
- Zuletzt bearbeitet 21.11.2024 08:17:35
A vulnerability, which was classified as problematic, has been found in HadSky 7.11.8. Affected by this issue is some unknown functionality of the component User Handler. The manipulation leads to cross-site request forgery. The attack may be launche...
CVE-2023-1685
- EPSS 1.27%
- Veröffentlicht 29.03.2023 06:15:07
- Zuletzt bearbeitet 21.11.2024 07:39:41
A vulnerability was found in HadSky up to 7.11.8. It has been declared as critical. This vulnerability affects unknown code of the file /install/index.php of the component Installation Interface. The manipulation leads to command injection. The attac...
CVE-2023-1684
- EPSS 0.07%
- Veröffentlicht 29.03.2023 04:15:08
- Zuletzt bearbeitet 21.11.2024 07:39:41
A vulnerability was found in HadSky 7.7.16. It has been classified as problematic. This affects an unknown part of the file upload/index.php?c=app&a=superadmin:index. The manipulation leads to unrestricted upload. It is possible to initiate the attac...