2 matches found
CVE-2023-24497
Cross-site scripting xss vulnerabilities exist in the requestHandlers.js detaildevice functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities.This XSS is exploite...
Milesight VPN 路径遍历漏洞
Milesight VPN is a web-based VPN monitoring and management platform from Milesight. A path traversal vulnerability exists in Milesight VPN v2.0.2. An attacker can exploit this vulnerability to read arbitrary files via a specially crafted web request...