CVE-2023-7326

The Epson Stylus SX510W embedded web management service fails to properly handle consecutive ampersand characters in query parameters when accessing /PRESENTATION/HTML/TOP/INDEX.HTML. A remote attacker can send a malformed request that triggers improper input parsing or memory handling, resulting...

CVE-2023-7326

The Epson Stylus SX510W embedded web management service fails to properly handle consecutive ampersand characters in query parameters when accessing /PRESENTATION/HTML/TOP/INDEX.HTML. A remote attacker can send a malformed request that triggers improper input parsing or memory handling, resulting...

CVE-2023-7326

The CVE-2023-7326 entry covers Epson Stylus SX510W’s embedded web management service, which mishandles consecutive ampersand characters in query parameters for /PRESENTATION/HTML/TOP/INDEX.HTML, enabling a remote attacker to trigger abnormal input parsing/memory handling and cause the printer pro...

CVE-2023-7326 Epson Stylus SX510W Printer Remote Power Off DoS

The Epson Stylus SX510W embedded web management service fails to properly handle consecutive ampersand characters in query parameters when accessing /PRESENTATION/HTML/TOP/INDEX.HTML. A remote attacker can send a malformed request that triggers improper input parsing or memory handling, resulting...

PT-2025-46732

Name of the Vulnerable Software and Affected Versions Epson Stylus SX510W affected versions not specified Description The embedded web management service in the Epson Stylus SX510W does not correctly process consecutive ampersand characters within query parameters when accessing the...

CVE-2024-41592

DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles extraneous ampersand characters and long key-value pairs...

PT-2023-12950 · Matthias Wandel +1 · Jhead +1

Name of the Vulnerable Software and Affected Versions: Matthias-Wandel/jhead version 3.06 Description: The issue arises from jhead copying strings to a stack buffer when it detects a &i or &o, without checking the boundary of the stack buffer. This results in a stack buffer overflow problem when...

Cross-Site Scripting (XSS)

markdown2 is vulnerable to cross-site scripting XSS attacks. The vulnerability is introduced by an incomplete fix to properly encode ampersands and angle brackets in the function encodeampsandangles,allowing an attacker to inject arbitrary Javascript into a victim's browser...

CVE-2003-0980

CVE-2003-0980 is an XSS vulnerability in FreeScripts VisitorBook LE (visitorbook.pl). The issue permits remote attackers to inject arbitrary HTML or JavaScript via (1) the do parameter, (2) the user parameter from a host with a malicious reverse DNS name, and (3) quote marks or ampersands in othe...