EUVD-2024-54768

Malicious code in bioql PyPI...

CVE-2024-36697

A cross-site scripting XSS vulnerability in the Admin Login page of Allworx System Software v9.1.9.12 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SessionID parameter at query.asp...

CVE-2024-36697

A cross-site scripting XSS vulnerability in the Admin Login page of Allworx System Software v9.1.9.12 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SessionID parameter at query.asp...

CVE-2024-36697

A cross-site scripting XSS vulnerability in the Admin Login page of Allworx System Software v9.1.9.12 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SessionID parameter at query.asp...

CVE-2024-36697

CVE-2024-36697 describes an XSS in Allworx System Software v9.1.9.12, affecting the Admin Login page via the SessionID parameter in query.asp. No exploitation details are provided in the connected documents. Remediation guidance from PT-2025-29092: apply a fix for Allworx System Software version ...

Allworx System Software 跨站脚本漏洞

Allworx System Software is a communication software platform from Allworx Corporation. A security vulnerability exists in Allworx System Software version v9.1.9.12, which stems from improper handling of the SessionID parameter in the Admin Login page, which could lead to a cross-site scripting...

PT-2025-29092 · Unknown · Allworx System

Name of the Vulnerable Software and Affected Versions: Allworx System Software version 9.1.9.12 Description: A cross-site scripting XSS issue exists in the Admin Login page. Attackers can execute arbitrary web scripts or HTML by injecting a crafted payload into the SessionID parameter at the...

CVE-2024-36697

A cross-site scripting XSS vulnerability in the Admin Login page of Allworx System Software v9.1.9.12 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SessionID parameter at query.asp...