CHIYU科技BF-630W 跨站脚本漏洞

BF-630W is a web-based fingerprint-secured single-door biometric reader controller from CHIYU Technology CHIYU Technology suffers from a cross-site scripting vulnerability that stems from an unauthenticated XSS vulnerability in several CHIYU Technology IoT devices, including BF-630, BF-450M,...

CHIYU BF-630W 跨站脚本漏洞

BF-630W is a web-based fingerprint-secured single-door biometric reader controller from CHIYU Technology CHIYU Technology suffers from a cross-site scripting vulnerability that stems from an unauthenticated XSS vulnerability in several CHIYU Technology IoT devices, including BF-630, BF-450M,...

Multiple Chiyu Products Cross-Site Scripting Vulnerabilities

Chiyu BF-630, BF-630W and BF-660C are all products of Chiyu.BF-630 and BF-630W are networked fingerprint access controllers.BF-660C is a networked fingerprint access control and time and attendance machine. A cross-site scripting vulnerability exists in multiple Chiyu products. A remote attacker...

CVE-2015-5618

Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authentication and 1 read or 2 modify a Voice Time Set configuration settings via a request to voice.htm or b UniFinger configuration settings via a request to bf.htm, a different vulnerability than...

CVE-2015-2870

Cross-site scripting XSS vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element...

Cross site scripting

Cross-site scripting XSS vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element...

Authentication flaw

Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authentication and 1 read or 2 modify a Voice Time Set configuration settings via a request to voice.htm or b UniFinger configuration settings via a request to bf.htm, a different vulnerability than...

CVE-2015-2870

Cross-site scripting XSS vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element...

CVE-2015-5618

The CVE-2015-5618 entry concerns Chiyu BF-630 and BF-630W fingerprint access-control devices. The documented vulnerability allows remote attackers to bypass authentication and read or modify configuration data: (1) Voice Time Set via a request to voice.htm and (2) UniFinger configuration via a re...

CVE-2015-5618

Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authentication and 1 read or 2 modify a Voice Time Set configuration settings via a request to voice.htm or b UniFinger configuration settings via a request to bf.htm, a different vulnerability than...