104 matches found
MicroWorld Technologies eScan Management Console 跨站脚本漏洞
MicroWorld Technologies eScan Management Console is an eScan management console from MicroWorld Technologies, Inc. A cross-site scripting vulnerability exists in Microworld Technologies eScan Management console version v.14.0.1400.2281, which originates from a vulnerability that allows remote...
MicroWorld Technologies eScan Management Console 跨站脚本漏洞
The MicroWorld Technologies eScan Management Console is an eScan management console from MicroWorld Technologies, Inc. A cross-site scripting vulnerability exists in Microworld Technologies eScan Management console version v.14.0.1400.2281, which originates from a vulnerability that allows a remo...
CVE-2023-33731
Reflected Cross Site Scripting XSS in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the URL directly...
CVE-2023-33732
Cross Site Scripting XSS in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval...
CVE-2023-33732
Cross Site Scripting XSS in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval...
Microworld Technologies eScan Management Console 安全漏洞
MicroWorld Technologies eScan Management Console is an electronic scanning management console from MicroWorld Technologies, Inc. A security vulnerability exists in Microworld Technologies eScan Management Console version 14.0.1400.2281, which originates in the GetUserCurrentPwd function that allo...
PT-2023-24461 · Microworld Technologies · Escan
Name of the Vulnerable Software and Affected Versions: Microworld Technologies eScan management console version 14.0.1400.2281 Description: The issue allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval in the New Policy form. This...
CVE-2023-31703
Cross Site Scripting XSS in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter...
CVE-2023-31702
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1...
CVE-2023-31702
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1...
CVE-2023-31702
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1...
MicroWorld eScan Management Console 跨站脚本漏洞
MicroWorld eScan Management Console is a control panel from MicroWorld Japan. It helps system administrators remotely manage all eScan client computers on a network. A security vulnerability exists in MicroWorld eScan Management Console version 14.0.1400.2281, which originates from the presence o...
CVE-2023-31702
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1...
CVE-2023-31702
The CVE-2023-31702 vulnerability affects MicroWorld eScan Management Console 14.0.1400.2281. It is a SQL injection in the GetUserCurrentPwd?UsrId=1 endpoint used in the View User Profile, enabling an authenticated attacker to dump the entire database and potentially execute OS commands on the bac...
CVE-2023-31702
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1...
PT-2023-23422 · Microworld · Microworld Escan Management Console
Name of the Vulnerable Software and Affected Versions: MicroWorld eScan Management Console version 14.0.1400.2281 Description: The issue allows a remote attacker to perform SQL injection in the View User Profile feature, enabling them to dump the entire database and gain a Windows XP command shel...
MicroWorld Technologies eScan Anti-Virus 输入验证错误漏洞
MicroWorld Technologies eScan Anti-Virus is an Internet security solution from MicroWorld Technologies, USA. It provides virus protection for enterprise and home SOHO users. The MicroWorld Technologies eScan Anti-Virus is prone to an input validation error vulnerability that originates from inval...
Cross site request forgery (csrf)
In MicroWorld eScan Internet Security Suite ISS for Business 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \.\econceal to cause a denial of service BSOD...
CVE-2018-10098
In MicroWorld eScan Internet Security Suite ISS for Business 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \.\econceal to cause a denial of service BSOD...
CVE-2018-10098
In MicroWorld eScan Internet Security Suite ISS for Business 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \.\econceal to cause a denial of service BSOD...