40 matches found
CVE-2020-10671
The Canon Oce Colorwave 500 4.0.0.0 printer's web application is missing any form of CSRF protections. This is a system-wide issue. An attacker could perform administrative actions by targeting a logged-in administrative user. NOTE: this is fixed in the latest version...
CVE-2020-10668
The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in /home.jsp. The vulnerable parameter is openSI. NOTE: this is fixed in the latest version...
CVE-2020-10669
The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp. An unauthenticated attacker able to connect to the device's web interface can get a copy of the documents uploaded by any users. NOTE: this is fixed in the late...
CVE-2020-10670
The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in the parameter settingId of the settingDialogContent.jsp page. NOTE: this is fixed in the latest version...
EUVD-2021-25728
Malware in sbrugna...
EUVD-2021-25729
Malware in sbrugna...
EUVD-2020-3112
Malware in sbrugna...
EUVD-2020-3114
Malware in sbrugna...
EUVD-2020-3113
Malware in sbrugna...
EUVD-2020-3115
Malware in sbrugna...
EUVD-2020-19055
Malware in sbrugna...
EUVD-2020-3111
Malware in sbrugna...
CVE-2021-39367
Canon Oce Print Exec Workgroup 1.3.2 allows Host header injection...
CVE-2021-39368
Canon Oce Print Exec Workgroup 1.3.2 allows XSS via the lang parameter...
CVE-2020-10667
The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Stored XSS in /TemplateManager/indexExternalLocation.jsp. The vulnerable parameter is maptemplatename. NOTE: this is fixed in the latest version...
CVE-2021-39368
Canon Oce Print Exec Workgroup 1.3.2 allows XSS via the lang parameter...
CVE-2021-39367
Canon Oce Print Exec Workgroup 1.3.2 allows Host header injection...
CVE-2021-39368
Canon Oce Print Exec Workgroup 1.3.2 allows XSS via the lang parameter...
Design/Logic Flaw
Canon Oce Print Exec Workgroup 1.3.2 allows XSS via the lang parameter...
Design/Logic Flaw
Canon Oce Print Exec Workgroup 1.3.2 allows Host header injection...