Lucene search
K

6 matches found

CNVD
CNVD
added 2019/10/21 12:0 a.m.2 views

WiKID Systems 2FA Enterprise Server Cross-Site Scripting Vulnerability (CNVD-2019-43367)

WiKID Systems 2FA Enterprise Server is a two-factor authentication server from WiKID Systems, USA. A cross-site scripting vulnerability exists in WiKID Systems 2FA Enterprise Server, which can be exploited by an attacker to inject malicious script or HTML code, which can be used to obtain sensiti...

6.1CVSS6AI score0.01659EPSS
Exploits3References1
CNVD
CNVD
added 2019/10/21 12:0 a.m.3 views

WiKID Systems 2FA Enterprise Server searchDevices.jsp SQL Injection Vulnerability

WiKID Systems 2FA Enterprise Server is a two-factor authentication server from WiKID Systems, USA. A SQL injection vulnerability exists in WiKID Systems 2FA Enterprise Server searchDevices.jsp, which can be exploited by an attacker to submit a specially crafted SQL request to manipulate a databas...

8.8CVSS8.3AI score0.02143EPSS
Exploits3References1
CNVD
CNVD
added 2019/10/21 12:0 a.m.4 views

WiKID Systems 2FA Enterprise Server Cross-Site Scripting Vulnerability

WiKID Systems 2FA Enterprise Server is a two-factor authentication server from WiKID Systems, USA. A cross-site scripting vulnerability exists in WiKID 2FA Enterprise Server 4.2.0-b2047 and prior versions. The vulnerability stems from a WEB application lacking proper authentication of client data...

6.1CVSS6.6AI score0.01659EPSS
Exploits3References1
CNVD
CNVD
added 2019/10/21 12:0 a.m.6 views

WiKID Systems 2FA Enterprise Server Cross-Site Request Forgery Vulnerability

WiKID Systems 2FA Enterprise Server is a two-factor authentication server from WiKID Systems, USA. A cross-site request forgery vulnerability exists in WiKID 2FA Enterprise Server version 4.2.0-b2053 and earlier. The vulnerability stems from a WEB application that does not adequately validate tha...

8.8CVSS7AI score0.00937EPSS
Exploits3References1
Packet Storm
Packet Storm
added 2019/10/18 12:0 a.m.238 views

WiKID Systems 2FA Enterprise Server 4.2.0-b2032 SQL Injection / XSS / CSRF

WiKID Systems 2FA Enterprise Serverversion 4.2.0-b2032 and earlier was found to be vulnerable to multiple Cross-Site Scripting, SQLi, and CSRF issues. searchDevices.jsp is vulnerable to SQL injection through the uid and domain parameters. The application uses Postgres which supports Stacked...

0.4AI score0.49955EPSS
Exploits10
CNVD
CNVD
added 2019/10/18 12:0 a.m.2 views

WiKID Systems 2FA Enterprise Server SQL Injection Vulnerability

WiKID Systems 2FA Enterprise Server is a two-factor authentication server from WiKID Systems, USA. A SQL injection vulnerability exists in the Logs.jsp file in WiKID 2FA Enterprise Server 4.2.0-b2053 and prior versions. The vulnerability stems from a lack of validation of externally entered SQL...

8.8CVSS8.4AI score0.01749EPSS
Exploits3References1
Rows per page
Query Builder