CVSS: 4.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-30926 – DerbyNet 9.0 inc/kisosks.inc Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-30926
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the . • https://chocapikk.com/posts/2024/derbynet-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-30925 – DerbyNet 9.0 photo-thumbs.php Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-30925
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the photo-thumbs.php component. • https://chocapikk.com/posts/2024/derbynet-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 0EPSS: 0%CPEs: -EXPL: 0CVE-2024-30924 – DerbyNet 9.0 checkin.php Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-30924
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the checkin.php component. • https://chocapikk.com/posts/2024/derbynet-vulnerabilities • CWE-692: Incomplete Denylist to Cross-Site Scripting •
CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-30921 – DerbyNet 9.0 photo.php Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-30921
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute arbitrary code via the photo.php component. • https://chocapikk.com/posts/2024/derbynet-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-30920 – DerbyNet 9.0 render-document.php Cross Site Scripting
https://notcve.org/view.php?id=CVE-2024-30920
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute arbitrary code via the render-document.php component. • https://chocapikk.com/posts/2024/derbynet-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •