Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.6 views

CVE-2019-16917

WiKID Enterprise 2FA two factor authentication Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause function...

8.8CVSS7.7AI score0.02143EPSS
Exploits3References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-7581

Malware in sbrugna...

6.1CVSS6.3AI score0.49955EPSS
Exploits3References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7412

Malware in sbrugna...

8.8CVSS8.7AI score0.02143EPSS
Exploits3References5
CNVD
CNVD
added 2019/10/18 12:0 a.m.2 views

WiKID Systems 2FA Enterprise Server Cross-Site Scripting Vulnerability (CNVD-2019-43370)

WiKID Systems 2FA Enterprise Server is a two-factor authentication server from WiKID Systems, USA. A cross-site scripting vulnerability exists in WiKID 2FA Enterprise Server 4.2.0-b2047 and prior versions. The vulnerability stems from a WEB application lacking proper authentication of client data...

6.1CVSS6.6AI score0.49955EPSS
Exploits3References1
OSV
OSV
added 2019/10/17 7:15 p.m.5 views

CVE-2019-17120

A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/admusrs.jsp. The usr parameter is vulnerable: the reflected cross-site scripting occurs immediately after...

6.1CVSS6.4AI score0.49955EPSS
Exploits3References3
OSV
OSV
added 2019/10/17 6:15 p.m.3 views

CVE-2019-17116

A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. The groupName parameter is vulnerable: the reflected cross-site scripting occurs immediately...

6.1CVSS6.4AI score0.01659EPSS
Exploits3References3
OSV
OSV
added 2019/10/17 6:15 p.m.3 views

CVE-2019-16917

WiKID Enterprise 2FA two factor authentication Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause function...

8.8CVSS7.3AI score0.02143EPSS
Exploits3References3
Prion
Prion
added 2019/10/17 6:15 p.m.18 views

Sql injection

WiKID Enterprise 2FA two factor authentication Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause function...

6.5CVSS8.9AI score0.02143EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2019/10/17 5:42 p.m.21 views

CVE-2019-16917

WiKID Enterprise 2FA two factor authentication Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause function...

9AI score0.02143EPSS
Exploits3References3
CVE
CVE
added 2019/10/17 5:42 p.m.55 views

CVE-2019-16917

WiKID Enterprise 2FA Enterprise Server (up to 4.2.0-b2047) is affected by an SQL injection in searchDevices.jsp. The uid and domain parameters are unsanitized and used in a SQL query built in buildSearchWhereClause, enabling arbitrary SQL execution as described by multiple sources. Public details...

8.8CVSS8.9AI score0.02143EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder