22 matches found
CVE-2019-25259
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can trick logged-in users into executing unauthorized actions by crafting malicious web pages that...
Leica Geosystems多款产品 跨站请求伪造漏洞
The Leica Geosystems GR10, among others, is a reference station receiver from Leica Germany. A cross-site request forgery vulnerability exists in various Leica Geosystems products, which stems from a lack of request validation and could lead to a cross-site request forgery attack. The following...
CVE-2019-25259 Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Cross-Site Request Forgery
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can trick logged-in users into executing unauthorized actions by crafting malicious web pages that...
CVE-2019-25259 Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Cross-Site Request Forgery
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without request validation. Attackers can trick logged-in users into executing unauthorized actions by crafting malicious web pages that...
CVE-2019-25259
CVE-2019-25259 affects Leica Geosystems GR10/GR25/GR30/GR50 GNSS software (version 4.30.063). The vulnerability is a cross-site request forgery that allows attackers to trigger administrative actions without proper request validation by tricking authenticated users into submitting malicious reque...
PT-2026-1672
Name of the Vulnerable Software and Affected Versions Leica Geosystems GR10/GR25/GR30/GR50 GNSS version 4.30.063 Description The software contains a cross-site request forgery issue that could allow attackers to perform administrative actions without proper validation of requests. Attackers can...
CVE-2018-25131
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerability in the configuration file upload functionality. Attackers can upload a malicious HTML file to that executes arbitrary JavaScript in a user's browser session when viewed...
CVE-2018-25131 Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Stored XSS via Config Upload
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerability in the configuration file upload functionality. Attackers can upload a malicious HTML file to that executes arbitrary JavaScript in a user's browser session when viewed...
CVE-2018-25131 Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Stored XSS via Config Upload
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerability in the configuration file upload functionality. Attackers can upload a malicious HTML file to that executes arbitrary JavaScript in a user's browser session when viewed...
CVE-2018-25131
CVE-2018-25131 concerns Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063. The vulnerability is a stored cross-site scripting (XSS) flaw in the configuration file upload functionality, allowing an uploaded HTML file to execute arbitrary JavaScript in a user’s browser session when viewed. Affecte...
Leica Geosystems GNSS 安全漏洞
Leica Geosystems GNSS is a line of mapping equipment from Leica Germany. A security vulnerability exists in Leica Geosystems GNSS version 4.30.063, which stems from the presence of stored cross-site scripting in the configuration file upload function that could lead to the execution of arbitrary...
PT-2025-53352
Name of the Vulnerable Software and Affected Versions Leica Geosystems GR10/GR25/GR30/GR50 GNSS version 4.30.063 Description The software contains a stored cross-site scripting issue in the configuration file upload functionality. An attacker can upload a malicious HTML file that will execute...
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - Cross-Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications input type="hidden" name="txtHelpPage" valu...
Leica Geosystems GR10GR25GR30GR50 GNSS 4.30.063 - JSHTML Code Injection
Leica Geosystems GR10GR25GR30GR50 GNSS 4.30.063 - JSHTML Code Injection function su...
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 XSS
function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST", "http://192.168.1.17/uploadconfig/", true; x...
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - JS/HTML Code Injection Vulnerability
Exploit for hardware platform in category web applications body...
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 CSRF
input...
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - Cross-Site Request Forgery
input type="hidden" name="...
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - JS/HTML Code Injection
function submitRequest...
Leica Geosystems GR10GR25GR30GR50 GNSS 4.30.063 - Cross-Site Request Forgery
Leica Geosystems GR10GR25GR30GR50 GNSS 4.30.063 - Cross-Site Request Forgery...