Lucene search
K

32 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/11 9:5 a.m.5 views

CVE-2025-13648

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is required who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Name’ and “Surname” parameters within the ‘My Account’ section at the...

4.8CVSS5.7AI score0.00227EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/11 9:5 a.m.4 views

CVE-2025-13648 STORED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is required who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Name’ and “Surname” parameters within the ‘My Account’ section at the...

4.8CVSS5.7AI score0.00227EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/11 9:5 a.m.25 views

CVE-2025-13648 STORED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is required who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Name’ and “Surname” parameters within the ‘My Account’ section at the...

4.8CVSS0.00227EPSS
Exploits0References4
CVE
CVE
added 2026/02/11 9:5 a.m.12 views

CVE-2025-13648

CVE-2025-13648 describes a stored XSS in ZeusWeb 6.1.31 from Microcom. An attacker with access to the web application can inject arbitrary JavaScript by submitting an XSS payload into the Name and Surname fields in the My Account section at https://zeus.microcom.es:4040/administracion-estaciones....

6.1CVSS5.7AI score0.00227EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.12 views

PT-2026-7507

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is required who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Name’ and “Surname” parameters within the ‘My Account’ section at the...

4.8CVSS5.7AI score0.00227EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.13 views

PT-2026-7509

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Surname’ parameter of the ‘Creat...

5.1CVSS5.7AI score0.00227EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.6 views

Microcom ZeusWeb 安全漏洞

Microcom ZeusWeb is a remote monitoring platform developed by the Spanish company Microcom. Version 6.1.31 of Microcom ZeusWeb contains a security vulnerability. This vulnerability stems from the injection of XSS payloads into the Email parameter in the “Recover password” section, which may lead ...

6.1CVSS5.6AI score0.00227EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.7 views

Microcom ZeusWeb 安全漏洞

Microcom ZeusWeb is a remote monitoring platform developed by the Spanish company Microcom. Version 6.1.31 of Microcom ZeusWeb contains a security vulnerability. This vulnerability stems from the exposure of sensitive system information to unauthorized participants, which may lead to fingerprint...

7.5CVSS5.8AI score0.004EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.9 views

PT-2026-7508

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Email’ parameters within the...

5.1CVSS5.7AI score0.00227EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.12 views

PT-2026-7510

Exposure of Sensitive System Information to an Unauthorized Actor vulnerability in Microcom ZeusWeb allows Web Application Fingerprinting of sensitive data. This issue affects ZeusWeb: 6.1.31...

6.9CVSS5.5AI score0.004EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.9 views

Microcom ZeusWeb 安全漏洞

Microcom ZeusWeb is a remote monitoring platform developed by the Spanish company Microcom. Version 6.1.31 of Microcom ZeusWeb contains a security vulnerability. This vulnerability stems from the injection of XSS payloads into the Name and Surname parameters within the My Account section, which m...

6.1CVSS5.8AI score0.00227EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.9 views

Microcom ZeusWeb 安全漏洞

Microcom ZeusWeb is a remote monitoring platform developed by the Spanish company Microcom. Version 6.1.31 of Microcom ZeusWeb contains a security vulnerability. This vulnerability stems from the injection of XSS payloads into the Surname parameter during the Create Account operation, which may...

6.1CVSS5.6AI score0.00227EPSS
Exploits0References4
Rows per page
Query Builder