3 matches found
i-doit 跨站脚本漏洞
i-doit is a configuration management database software from i-doit Inc. A cross-site scripting vulnerability exists in i-doit pro that stems from a lack of proper cleanup of the id, lang, mNavID, name, pID, treeNode, type, and view parameters...
PT-2023-29787 · Unknown · I-Doit Pro
Name of the Vulnerable Software and Affected Versions: i-doit pro versions 25 and below Description: The issue is related to Cross Site Scripting XSS and can be exploited via the index.php endpoint. This allows for potential malicious script injection. Recommendations: For versions 25 and below,...
PT-2023-6470 · Unknown · I-Doit Open +1
Name of the Vulnerable Software and Affected Versions: I-doit pro versions 25 and below I-doit open versions 25 and below Description: The issue is related to weak password requirements for Administrator account creation in the affected software. This weakness allows attackers to easily guess...