CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2025/05/22 8:40 p.m.•2 views

CVE-2021-26596

An issue was discovered in Nokia NetAct 18A. A malicious user can change a filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim's web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that...

5.4CVSS6.1AI score0.0034EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 7:5 a.m.•7 views

CVE-2019-17404

Nokia IMPACT 18A: allows full path disclosure...

4.3CVSS6.9AI score0.00272EPSS

Exploits1References1

NVD•added 2021/03/25 7:15 p.m.•12 views

CVE-2021-26596

5.4CVSS0.0034EPSS

Exploits1References2

Prion•added 2021/03/25 7:15 p.m.•12 views

Code injection

3.5CVSS5.5AI score0.0034EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/03/25 6:56 p.m.•14 views

CVE-2021-26596

5.7AI score0.0034EPSS

Exploits1References2

CVE•added 2021/03/25 6:56 p.m.•44 views

CVE-2021-26596

The CVE-2021-26596 entry concerns Nokia NetAct 18A. A vulnerability exists where a malicious user can change the filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim’s web browser. The attack is typically delivered by placing the malicious content...

5.4CVSS5.4AI score0.0034EPSS

Exploits1References2Affected Software1

CVE•added 2021/03/25 6:56 p.m.•45 views

CVE-2021-26597

CVE-2021-26597 affects Nokia NetAct 18A. A remote user authenticated to the NetAct Web Page can upload arbitrary files via the Site Configuration Tool’s /netact/sct parameter with operation=upload, enabling potentially dangerous file uploads. According to NVD, CVSS v3.1 base score 6.5 (PR:L, I:H)...

6.5CVSS6.4AI score0.0032EPSS

Exploits1References2Affected Software1

Prion•added 2019/11/25 3:15 p.m.•13 views

Cross site scripting

Nokia IMPACT 18A: has Reflected self XSS...

4.3CVSS5.9AI score0.00353EPSS

Exploits1References2Affected Software1

CVE•added 2019/11/25 2:53 p.m.•44 views

CVE-2019-17405

CVE-2019-17405 affects Nokia IMPACT platforms earlier than version 18A, with a reflected self-XSS vulnerability. Connected sources identify Nokia IMPACT as the affected product and attribute the issue to improper validation of client-side data by the web application, enabling an attacker to execu...

6.1CVSS5.9AI score0.00353EPSS

Exploits1References2Affected Software1

Cvelist•added 2019/11/25 2:53 p.m.•10 views

CVE-2019-17405

Nokia IMPACT 18A: has Reflected self XSS...

6AI score0.00353EPSS

Exploits1References2

CVE•added 2019/11/25 2:48 p.m.•43 views

CVE-2019-17404

CVE-2019-17404 concerns Nokia IMPACT before version 18A, where a path traversal flaw allows an attacker to disclose the full filesystem path. The issue is described across multiple sources (CNVD-2019-44224, Red Hat RH:CVE-2019-17404, NVD CVE-2019-17404). The connected documents do not provide exp...

4.3CVSS4.5AI score0.00272EPSS

Exploits1References2Affected Software1

CVE•added 2019/11/25 2:43 p.m.•42 views

CVE-2019-17403

CVE-2019-17403 : Nokia IMPACT versions prior to 18A contain an unrestricted file upload vulnerability that could enable remote code execution. The cited descriptions consistently state this vulnerability for Nokia IMPACT, with no explicit exploit details or affected subcomponents beyond the gener...

8.8CVSS8.7AI score0.04371EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by