48 matches found
CVE-2024-41512
CADClick v1.11.0 and earlier contains a SQL injection in ccHandler.aspx via the bomid parameter, enabling remote arbitrary SQL execution. Affected component: web API endpoint ccHandler.aspx; root cause: unsafely handling bomid leads to injection. Impact: potential data exposure, modification, or ...
CVE-2024-41516
CVE-2024-41516 is a reflected XSS in CADClick
CADClick security vulnerability
CADClick is a software solution from CADClick, Inc. that creates interactive catalogs of 2D/3D CAD data for individual customer CAD catalogs. A security vulnerability exists in CADClick v1.11.0 and earlier versions that stems from the presence of a reflected cross-site scripting (XSS) vulnerabilit...
CVE-2024-41514
CADClick v1.11.0 and earlier is affected by a reflected XSS in PrevPgGroup.aspx, exploitable via the wer parameter to inject arbitrary script/HTML. Affected component: PrevPgGroup.aspx on CADClick; root cause: reflected XSS. Impact stated: remote attackers can run script in the victim’s browser (...
CVE-2024-41516
A reflected cross-site scripting (XSS) vulnerability in "ccHandler.aspx" CADClick <= 1.11.0 allows remote attackers to inject arbitrary web script or HTML via the "bomid" parameter...
CADClick security vulnerability
CADClick is a software solution from CADClick, Inc. that creates interactive catalogs of 2D/3D CAD data for individual customer CAD catalogs. A security vulnerability exists in CADClick v1.11.0 and prior versions that stems from the presence of a reflected cross-site scripting (XSS) vulnerability...
PT-2024-29431 · Cadclick · Cadclick
Name of the Vulnerable Software and Affected Versions: CADClick versions 1.11.0 and earlier. Description: A reflected cross-site scripting (XSS) vulnerability is present in "Artikel.aspx" in CADClick, allowing remote attackers to inject arbitrary web script or HTML via the searchindex parameter. Thi...
CADClick security vulnerability
CADClick is a software solution from CADClick, Inc. that creates interactive catalogs of 2D/3D CAD data for individual customer CAD catalogs. A security vulnerability exists in CADClick v1.11.0 and prior versions that stems from the presence of a path traversal vulnerability that allows remote...