In DbNinja 3.2.7, the Add Host function of the Manage Hosts pages has a Stored Cross-site Scripting (XSS) vulnerability in the User Name field.
5.4CVSS
5.2AI Score
0.001EPSS
9.6CVSS
9.2AI Score
0.002EPSS
_includes\online.php in DbNinja 3.2.7 allows XSS via the data.php task parameter if _users/admin/tasks.php exists.
6.1CVSS
5.9AI Score
0.001EPSS