Lucene search
K

203 matches found

Cvelist
Cvelist
added 2023/06/27 12:0 a.m.26 views

CVE-2023-34835

A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable deletefile parameter...

5.9AI score0.00762EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/06/27 12:0 a.m.6 views

MicroWorld Technologies eScan Management Console 跨站脚本漏洞

The MicroWorld Technologies eScan Management Console is an eScan management console from MicroWorld Technologies, Inc. A cross-site scripting vulnerability exists in Microworld Technologies eScan Management console version v.14.0.1400.2281, which originates from a vulnerability that allows a remo...

5.4CVSS6AI score0.00813EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/06/27 12:0 a.m.5 views

MicroWorld Technologies eScan Management Console 跨站脚本漏洞

MicroWorld Technologies eScan Management Console is an eScan management console from MicroWorld Technologies, Inc. A cross-site scripting vulnerability exists in Microworld Technologies eScan Management console version v.14.0.1400.2281, which originates from a vulnerability that allows remote...

5.4CVSS6AI score0.00813EPSS
Exploits1References2
CVE
CVE
added 2023/06/27 12:0 a.m.53 views

CVE-2023-34836

The CVE-2023-34836 entry concerns Microworld Technologies’ eScan Management Console, version 14.0.1400.2281. The vulnerability is a Cross Site Scripting (XSS) flaw that enables a remote attacker to execute arbitrary code by crafting scripts passed via the Dtltyp and ListName parameters. This is r...

5.4CVSS5.8AI score0.00813EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/06/27 12:0 a.m.33 views

CVE-2023-34835

The vulnerability CVE-2023-34835 affects Microworld Technologies eScan Management Console 14.0.1400.2281. A Cross Site Scripting flaw exists in the delete_file parameter, enabling a remote attacker to inject and execute arbitrary JavaScript. The issue is documented in PT-2023-25021 with the affec...

5.4CVSS5.7AI score0.00762EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/06/27 12:0 a.m.5 views

MicroWorld Technologies eScan Management Console 跨站脚本漏洞

MicroWorld Technologies eScan Management Console is an eScan management console from MicroWorld Technologies, Inc. A cross-site scripting vulnerability exists in Microworld Technologies eScan Management console version v.14.0.1400.2281, which originates from a vulnerability that allows remote...

5.4CVSS5.9AI score0.00762EPSS
Exploits1References2
CVE
CVE
added 2023/06/27 12:0 a.m.57 views

CVE-2023-34837

Microworld Technologies eScan Management Console ver. 14.0.1400.2281 is affected by a Cross-Site Scripting vulnerability where the GrpPath parameter is vulnerable. Root cause: insufficient input validation in GrpPath enables remote code execution in affected web UI. Impact, per CVSS 3.1 vector, i...

5.4CVSS5.8AI score0.00813EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/25 12:0 a.m.5 views

PT-2023-25021 · Microworld Technologies · Escan Management Console

Name of the Vulnerable Software and Affected Versions: Microworld Technologies eScan Management console version 14.0.1400.2281 Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary JavaScript code via a vulnerable delete file parameter. This enables the attacker ...

5.4CVSS5.5AI score0.00762EPSS
Exploits1References4
NVD
NVD
added 2023/06/02 12:15 p.m.24 views

CVE-2023-33731

Reflected Cross Site Scripting XSS in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the URL directly...

6.1CVSS6.2AI score0.00808EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2023/06/02 12:15 p.m.7 views

CVE-2023-33731

Reflected Cross Site Scripting XSS in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the URL directly...

6.1CVSS6.6AI score0.00808EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2023/06/02 12:0 a.m.8 views

PT-2023-24460 · Microworld Technologies · Escan

Name of the Vulnerable Software and Affected Versions: Microworld Technologies eScan management console version 14.0.1400.2281 Description: The issue concerns a Reflected Cross Site Scripting XSS in the view dashboard detail feature, allowing a remote attacker to inject arbitrary code via the URL...

6.1CVSS7AI score0.00808EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2023/06/02 12:0 a.m.10 views

CVE-2023-33731

Reflected Cross Site Scripting XSS in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the URL directly...

6.2AI score0.00808EPSS
Exploits2References2
CVE
CVE
added 2023/06/02 12:0 a.m.46 views

CVE-2023-33731

Microworld Technologies eScan management console (version 14.0.1400.2281) is affected by a Reflected Cross Site Scripting (XSS) vulnerability in the view dashboard detail feature. The flaw allows an attacker to inject arbitrary script via a URL parameter (DashBoardDetails), with evidence of explo...

6.1CVSS6.1AI score0.00808EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2023/05/31 8:15 p.m.29 views

CVE-2023-33730

Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format...

9.8CVSS9.5AI score0.01175EPSS
Exploits2References1
NVD
NVD
added 2023/05/31 8:15 p.m.15 views

CVE-2023-33732

Cross Site Scripting XSS in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval...

6.1CVSS6.1AI score0.00844EPSS
Exploits2References1
OSV
OSV
added 2023/05/31 8:15 p.m.3 views

CVE-2023-33732

Cross Site Scripting XSS in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval...

6.1CVSS6AI score0.02098EPSS
Exploits6References1
ATTACKERKB
ATTACKERKB
added 2023/05/31 8:15 p.m.4 views

CVE-2023-33732

Cross Site Scripting XSS in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval...

7.8CVSS7.1AI score0.02098EPSS
Exploits6References2
CVE
CVE
added 2023/05/31 12:0 a.m.48 views

CVE-2023-33730

The CVE-2023-33730 vulnerability affects Microworld Technologies eScan Management Console version 14.0.1400.2281, in the GetUserCurrentPwd function, allowing remote attackers to retrieve plaintext passwords for admins or users. The underlying issue enables privilege escalation and full account co...

9.8CVSS9.4AI score0.01175EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/31 12:0 a.m.7 views

CVE-2023-33730

Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format...

7.4AI score0.01175EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/05/31 12:0 a.m.31 views

CVE-2023-33730

Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format...

9.7AI score0.01175EPSS
Exploits2References1
Rows per page
Query Builder