6 matches found
WiKID Systems 2FA Enterprise Server Cross-Site Scripting Vulnerability (CNVD-2019-43367)
WiKID Systems 2FA Enterprise Server is a two-factor authentication server from WiKID Systems, USA. A cross-site scripting vulnerability exists in WiKID Systems 2FA Enterprise Server, which can be exploited by an attacker to inject malicious script or HTML code, which can be used to obtain sensiti...
WiKID Systems 2FA Enterprise Server searchDevices.jsp SQL Injection Vulnerability
WiKID Systems 2FA Enterprise Server is a two-factor authentication server from WiKID Systems, USA. A SQL injection vulnerability exists in WiKID Systems 2FA Enterprise Server searchDevices.jsp, which can be exploited by an attacker to submit a specially crafted SQL request to manipulate a databas...
WiKID Systems 2FA Enterprise Server Cross-Site Scripting Vulnerability
WiKID Systems 2FA Enterprise Server is a two-factor authentication server from WiKID Systems, USA. A cross-site scripting vulnerability exists in WiKID 2FA Enterprise Server 4.2.0-b2047 and prior versions. The vulnerability stems from a WEB application lacking proper authentication of client data...
WiKID Systems 2FA Enterprise Server Cross-Site Request Forgery Vulnerability
WiKID Systems 2FA Enterprise Server is a two-factor authentication server from WiKID Systems, USA. A cross-site request forgery vulnerability exists in WiKID 2FA Enterprise Server version 4.2.0-b2053 and earlier. The vulnerability stems from a WEB application that does not adequately validate tha...
WiKID Systems 2FA Enterprise Server 4.2.0-b2032 SQL Injection / XSS / CSRF
WiKID Systems 2FA Enterprise Serverversion 4.2.0-b2032 and earlier was found to be vulnerable to multiple Cross-Site Scripting, SQLi, and CSRF issues. searchDevices.jsp is vulnerable to SQL injection through the uid and domain parameters. The application uses Postgres which supports Stacked...
WiKID Systems 2FA Enterprise Server SQL Injection Vulnerability
WiKID Systems 2FA Enterprise Server is a two-factor authentication server from WiKID Systems, USA. A SQL injection vulnerability exists in the Logs.jsp file in WiKID 2FA Enterprise Server 4.2.0-b2053 and prior versions. The vulnerability stems from a lack of validation of externally entered SQL...