Vulnerabilities > Ujangrohidin

DATE CVE VULNERABILITY TITLE RISK
2024-10-23 CVE-2024-10286 Cross-site Scripting vulnerability in Ujangrohidin Localserver 1.0.9
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /testmail/index.php, parameter to.
network
low complexity
ujangrohidin CWE-79
6.1
6.1
2024-10-23 CVE-2024-10287 Cross-site Scripting vulnerability in Ujangrohidin Localserver 1.0.9
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/ForgotPassword, parameter ListName.
network
low complexity
ujangrohidin CWE-79
6.1
6.1
2024-10-23 CVE-2024-10288 Cross-site Scripting vulnerability in Ujangrohidin Localserver 1.0.9
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/SubscribeToList, parameter ListName.
network
low complexity
ujangrohidin CWE-79
6.1
6.1
2024-10-23 CVE-2024-10289 Cross-site Scripting vulnerability in Ujangrohidin Localserver 1.0.9
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/ManageSubscription, parameter MSubListName.
network
low complexity
ujangrohidin CWE-79
6.1
6.1