CVE-2024-8652

MEDIUM Year: 2024
CVSS v3 Score
6.1
Medium
Weakness Type
CWE-79
View all →

Vulnerability Description

A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific path on the site. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others. Apply patch from vendor https://netcat.ru/ https://netcat.ru/] . Versions 6.4.0.24248 and on have the patch.

Related Vulnerabilities

CVE-2005-2350

MEDIUM
CVSS:6.1(Medium)

Cross-site scripting (XSS) vulnerability in websieve v0.62 allows remote attackers to inject arbitrary web script or HTML code in the web user interface.

CWE-792005

CVE-2006-5632

MEDIUM
CVSS:6.1(Medium)

Cross-site scripting (XSS) vulnerability in change_pass.php in iG Shop 1.4 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a different vulnerability than CVE-2006-...

CWE-792006

CVE-2006-5847

MEDIUM
CVSS:6.1(Medium)

Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter.

CWE-792006

CVE-2007-3484

MEDIUM
CVSS:6.1(Medium)

Cross-site scripting (XSS) vulnerability in search.php in Google Custom Search Engine allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: this issue is disputed b...

CWE-792007

CVE-2007-4465

MEDIUM
CVSS:6.1(Medium)

Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitr...

CWE-792007

CVE-2007-5817

MEDIUM
CVSS:6.1(Medium)

dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. NOTE: this issue can be levera...

CWE-792007