32 matches found
CVE-2025-13648
An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is required who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Name’ and “Surname” parameters within the ‘My Account’ section at the...
CVE-2025-13648 STORED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB
An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is required who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Name’ and “Surname” parameters within the ‘My Account’ section at the...
CVE-2025-13648 STORED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB
An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is required who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Name’ and “Surname” parameters within the ‘My Account’ section at the...
CVE-2025-13648
CVE-2025-13648 describes a stored XSS in ZeusWeb 6.1.31 from Microcom. An attacker with access to the web application can inject arbitrary JavaScript by submitting an XSS payload into the Name and Surname fields in the My Account section at https://zeus.microcom.es:4040/administracion-estaciones....
PT-2026-7507
An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is required who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Name’ and “Surname” parameters within the ‘My Account’ section at the...
PT-2026-7509
An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Surname’ parameter of the ‘Creat...
Microcom ZeusWeb 安全漏洞
Microcom ZeusWeb is a remote monitoring platform developed by the Spanish company Microcom. Version 6.1.31 of Microcom ZeusWeb contains a security vulnerability. This vulnerability stems from the injection of XSS payloads into the Email parameter in the “Recover password” section, which may lead ...
Microcom ZeusWeb 安全漏洞
Microcom ZeusWeb is a remote monitoring platform developed by the Spanish company Microcom. Version 6.1.31 of Microcom ZeusWeb contains a security vulnerability. This vulnerability stems from the exposure of sensitive system information to unauthorized participants, which may lead to fingerprint...
PT-2026-7508
An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Email’ parameters within the...
PT-2026-7510
Exposure of Sensitive System Information to an Unauthorized Actor vulnerability in Microcom ZeusWeb allows Web Application Fingerprinting of sensitive data. This issue affects ZeusWeb: 6.1.31...
Microcom ZeusWeb 安全漏洞
Microcom ZeusWeb is a remote monitoring platform developed by the Spanish company Microcom. Version 6.1.31 of Microcom ZeusWeb contains a security vulnerability. This vulnerability stems from the injection of XSS payloads into the Name and Surname parameters within the My Account section, which m...
Microcom ZeusWeb 安全漏洞
Microcom ZeusWeb is a remote monitoring platform developed by the Spanish company Microcom. Version 6.1.31 of Microcom ZeusWeb contains a security vulnerability. This vulnerability stems from the injection of XSS payloads into the Surname parameter during the Create Account operation, which may...