Lucene search
K

22 matches found

NVD
NVD
added 2026/01/08 12:15 a.m.7 views

CVE-2019-25259

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can trick logged-in users into executing unauthorized actions by crafting malicious web pages that...

5.3CVSS0.00146EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/08 12:0 a.m.5 views

Leica Geosystems多款产品 跨站请求伪造漏洞

The Leica Geosystems GR10, among others, is a reference station receiver from Leica Germany. A cross-site request forgery vulnerability exists in various Leica Geosystems products, which stems from a lack of request validation and could lead to a cross-site request forgery attack. The following...

5.3CVSS6.7AI score0.00146EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/07 11:9 p.m.4 views

CVE-2019-25259 Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Cross-Site Request Forgery

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can trick logged-in users into executing unauthorized actions by crafting malicious web pages that...

5.3CVSS6.4AI score0.00146EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/07 11:9 p.m.30 views

CVE-2019-25259 Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Cross-Site Request Forgery

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can trick logged-in users into executing unauthorized actions by crafting malicious web pages that...

5.3CVSS0.00146EPSS
Exploits1References5
CVE
CVE
added 2026/01/07 11:9 p.m.15 views

CVE-2019-25259

CVE-2019-25259 affects Leica Geosystems GR10/GR25/GR30/GR50 GNSS software (version 4.30.063). The vulnerability is a cross-site request forgery that allows attackers to trigger administrative actions without proper request validation by tricking authenticated users into submitting malicious reque...

5.3CVSS6.4AI score0.00146EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.8 views

PT-2026-1672

Name of the Vulnerable Software and Affected Versions Leica Geosystems GR10/GR25/GR30/GR50 GNSS version 4.30.063 Description The software contains a cross-site request forgery issue that could allow attackers to perform administrative actions without proper validation of requests. Attackers can...

5.3CVSS6.5AI score0.00146EPSS
Exploits1References8
NVD
NVD
added 2025/12/24 8:15 p.m.4 views

CVE-2018-25131

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerability in the configuration file upload functionality. Attackers can upload a malicious HTML file to that executes arbitrary JavaScript in a user's browser session when viewed...

7.2CVSS0.00238EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/24 7:27 p.m.28 views

CVE-2018-25131 Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Stored XSS via Config Upload

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerability in the configuration file upload functionality. Attackers can upload a malicious HTML file to that executes arbitrary JavaScript in a user's browser session when viewed...

7.2CVSS0.00238EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/24 7:27 p.m.3 views

CVE-2018-25131 Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Stored XSS via Config Upload

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerability in the configuration file upload functionality. Attackers can upload a malicious HTML file to that executes arbitrary JavaScript in a user's browser session when viewed...

7.2CVSS5.7AI score0.00238EPSS
Exploits1References3
CVE
CVE
added 2025/12/24 7:27 p.m.10 views

CVE-2018-25131

CVE-2018-25131 concerns Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063. The vulnerability is a stored cross-site scripting (XSS) flaw in the configuration file upload functionality, allowing an uploaded HTML file to execute arbitrary JavaScript in a user’s browser session when viewed. Affecte...

7.2CVSS5.7AI score0.00238EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.3 views

Leica Geosystems GNSS 安全漏洞

Leica Geosystems GNSS is a line of mapping equipment from Leica Germany. A security vulnerability exists in Leica Geosystems GNSS version 4.30.063, which stems from the presence of stored cross-site scripting in the configuration file upload function that could lead to the execution of arbitrary...

7.2CVSS6.2AI score0.00238EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.6 views

PT-2025-53352

Name of the Vulnerable Software and Affected Versions Leica Geosystems GR10/GR25/GR30/GR50 GNSS version 4.30.063 Description The software contains a stored cross-site scripting issue in the configuration file upload functionality. An attacker can upload a malicious HTML file that will execute...

7.2CVSS6.1AI score0.00238EPSS
Exploits1References5
0day.today
0day.today
added 2019/01/07 12:0 a.m.24 views

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications input type="hidden" name="txtHelpPage" valu...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/01/07 12:0 a.m.18 views

Leica Geosystems GR10GR25GR30GR50 GNSS 4.30.063 - JSHTML Code Injection

Leica Geosystems GR10GR25GR30GR50 GNSS 4.30.063 - JSHTML Code Injection function su...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2019/01/07 12:0 a.m.19 views

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 XSS

function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST", "http://192.168.1.17/uploadconfig/", true; x...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/01/07 12:0 a.m.73 views

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - JS/HTML Code Injection Vulnerability

Exploit for hardware platform in category web applications body...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/01/07 12:0 a.m.43 views

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 CSRF

input...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/07 12:0 a.m.39 views

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - Cross-Site Request Forgery

input type="hidden" name="...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/07 12:0 a.m.43 views

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - JS/HTML Code Injection

function submitRequest...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/01/07 12:0 a.m.17 views

Leica Geosystems GR10GR25GR30GR50 GNSS 4.30.063 - Cross-Site Request Forgery

Leica Geosystems GR10GR25GR30GR50 GNSS 4.30.063 - Cross-Site Request Forgery...

0.1AI score
Exploits0
Rows per page
Query Builder