Lucene search
K

5 matches found

NVD
NVD
added 2017/12/04 2:29 p.m.35 views

CVE-2017-17057

There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script code in the browse...

6.1CVSS6.2AI score0.01238EPSS
Exploits3References2
OSV
OSV
added 2017/12/04 2:29 p.m.3 views

CVE-2017-17057

There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script code in the browse...

6.1CVSS6.1AI score0.01238EPSS
Exploits3References2
Prion
Prion
added 2017/12/04 2:29 p.m.13 views

Cross site scripting

There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script code in the browse...

4.3CVSS6.2AI score0.01238EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2017/12/04 2:0 p.m.35 views

CVE-2017-17057

There is a reflected XSS vulnerability in ZKTime Web 2.0.1.12280. The vulnerability exists due to insufficient filtration of user-supplied data in the 'Range' field of the 'Department' module in a Personnel Advanced Query. A remote attacker can execute arbitrary HTML and script code in the browse...

6.8AI score0.01238EPSS
Exploits3References2
CNVD
CNVD
added 2017/12/04 12:0 a.m.5 views

ZKTeco ZKTime Web Personnel Advanced Query Department Module Cross-Site Scripting Vulnerability

ZKTeco ZKTime Web is a time and attendance management system from ZKTeco, Inc.The Department module in Personnel Advanced Query is one of the departmental personnel advanced query modules. A cross-site scripting vulnerability exists in the Range field of the Department module in Personnel Advance...

6.1CVSS6.6AI score0.01238EPSS
Exploits3References1
Rows per page
Query Builder