11 matches found
EUVD-2021-18560
Malware in sbrugna...
EUVD-2021-18559
Malware in sbrugna...
Cyclos 4 PRO Cross-Site Scripting Vulnerability (CNVD-2022-77956)
Cyclos 4 PRO is a web server. a cross-site scripting vulnerability exists in Cyclos 4 PRO version 4.14.7 and earlier, which stems from a failure to validate user input during error notification. A remote, unauthenticated attacker could execute javascript code via undefine enumeration constants...
Cyclos 4 PRO Cross-Site Scripting Vulnerability
Cyclos 4 PRO is a web server. A cross-site scripting vulnerability exists in Cyclos 4 PRO version 4.14.7 and earlier, which can be exploited by remote attackers to inject arbitrary web scripts or HTML via the groupId parameter...
CVE-2021-31674
Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine enum constant...
Input validation
Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine enum constant...
Cross site scripting
A Dom-based Cross-site scripting XSS vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter...
Cyclos 4 PRO 跨站脚本漏洞
Cyclos 4 PRO is a web server. A cross-site scripting vulnerability exists in Cyclos 4 PRO version 4.14.7 and earlier, which can be exploited by remote attackers to inject arbitrary web scripts or HTML via the groupId parameter...
CVE-2021-31673
CVE-2021-31673 describes a DOM-based cross-site scripting (XSS) vulnerability in Cyclos 4 PRO (web app) affecting version 4.14.7 and earlier. The flaw allows remote attackers to inject arbitrary script or HTML through the groupId parameter during user registration. The affected component is Cyclo...
CVE-2021-31674
Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine enum constant...
CVE-2021-31674
Cyclos 4 PRO 4.14.7 and earlier is affected by a DOM/UX-related cross-site scripting vulnerability: it does not validate user input in error information, enabling a remote unauthenticated attacker to execute JavaScript via an undefined enum constant. This issue is documented across multiple sourc...