Lucene search
K

43 matches found

NVD
NVD
added 2022/03/04 3:15 p.m.15 views

CVE-2022-23397

The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no...

6.1CVSS0.00913EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/04 3:15 p.m.6 views

CVE-2022-23397

The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no...

6.1CVSS6.3AI score0.00913EPSS
Exploits0References3
Prion
Prion
added 2022/03/04 3:15 p.m.15 views

Cross site scripting

DISPUTED The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im referenc...

4.3CVSS6.1AI score0.00913EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/03/04 12:0 a.m.12 views

PT-2022-15974 · Cedar Gate · Cedar Gate Ez-Net Portal

Name of the Vulnerable Software and Affected Versions: Cedar Gate EZ-NET portal versions 6.5.5 through 6.8.0 Description: The issue arises from a call to display messages to users that does not properly sanitize data sent through a URL parameter, leading to a Reflected Cross-Site Scripting...

6.1CVSS6AI score0.00913EPSS
Exploits0References7
Cvelist
Cvelist
added 2022/03/04 12:0 a.m.16 views

CVE-2022-23397

The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no...

6.2AI score0.00913EPSS
Exploits0References1
CVE
CVE
added 2022/03/04 12:0 a.m.90 views

CVE-2022-23397

The CVE-2022-23397 entry affects Cedar Gate EZ-NET Portal versions 6.5.5 through 6.8.0. A vulnerability exists in the portal’s handling of URL parameters during the display of messages to users, where data sent via the URL is not properly sanitized, enabling Reflected Cross-Site Scripting. The is...

6.1CVSS6AI score0.00913EPSS
In wildExploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/03/04 12:0 a.m.13 views

CVE-2022-23397

The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no...

6.1AI score0.00913EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/03/04 12:0 a.m.20 views

Cedar Gate EZ-NET 跨站脚本漏洞

Cedar Gate EZ-NET is an Internet portal application from Cedar UK. A cross-site scripting vulnerability exists in The Cedar Gate EZ-NET 6.5.5, 6.6.3, 6.7.0, and 6.8.0 that stems from The Cedar Gate EZ-NET 6.5.5, and 6.8.0 having a call to display messages to the user that do not correctly clean u...

6.1CVSS5.2AI score0.00913EPSS
Exploits0References2
OSV
OSV
added 2022/01/18 1:15 p.m.4 views

CVE-2021-38783

There is a Out-of-Bound Write in the Allwinner R818 SoC Android Q SDK V1.0 camera driver "/dev/cedardev" through iotcl cmd IOCTLSETPROCINFO and IOCTLCOPYPROCINFO, which could cause a system crash or EoP...

7.5CVSS7.1AI score0.0182EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2021/02/01 9:18 p.m.120 views

Hezbollah-Linked Lebanese Cedar APT Infiltrates Hundreds of Servers

Advanced persistent threat APT group Lebanese Cedar has compromised at least 250 public-facing servers since early 2020, researchers said, with its latest malware. The group has added new features to its custom “Caterpillar” webshell and the “Explosive RAT” remote access trojan RAT, both of which...

10CVSS10AI score0.99913EPSS
Exploits33References6
The Hacker News
The Hacker News
added 2021/01/29 10:8 a.m.6 views

Hezbollah Hacker Group Targeted Telecoms, Hosting, ISPs Worldwide

A "persistent attacker group" with alleged ties to Hezbollah has retooled its malware arsenal with a new version of a remote access Trojan RAT to break into companies worldwide and extract valuable information. In a new report published by the ClearSky research team on Thursday, the Israeli...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/11/24 7:7 p.m.12 views

cedarlakeinstruments.com XSS vulnerability

Open Bug Bounty ID: OBB-702318 Description| Value ---|--- Affected Website:| cedarlakeinstruments.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:...

Exploits0
Openbugbounty
Openbugbounty
added 2018/08/14 10:12 p.m.9 views

cedar-craft.com XSS vulnerability

Open Bug Bounty ID: OBB-664394 Description| Value ---|--- Affected Website:| cedar-craft.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2016/10/02 4:21 p.m.23 views

cedarrapids.kernels.milb.com XSS vulnerability

Vulnerable URL: http://cedarrapids.kernels.milb.com/index.jsp?sid=t492%22/%3E%3Cscript%3Ealert%27OPENBUGBOUNTY%27%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknow...

6.3AI score
Exploits0
hackapp
hackapp
added 2016/04/01 9:0 a.m.13 views

Cedar Point VR - External URLs, Native code usage, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application Cedar Point VR published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2016/01/26 9:40 p.m.10 views

cedarfallsbaptistchurch.org XSS vulnerability

Vulnerable URL: http://www.cedarfallsbaptistchurch.org/search.php?pageID=search= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 1 VIP...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2015/11/08 11:54 a.m.13 views

cedarbluffsschools.org XSS vulnerability

Vulnerable URL: http://www.cedarbluffsschools.org/cs/forgot.v Details: Description| Value ---|--- Patched:| Yes, at 29.11.2015 Latest check for patch:| 29.11.2015 12:48 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 16392549 Google Pagerank| 3 VIP website...

6.3AI score
Exploits0
ThreatPost
ThreatPost
added 2015/03/31 9:0 a.m.15 views

Volatile Cedar APT Group First Operating Out of Lebanon

An APT group with its sights on selective targets, most of those in Israel, has been using an elusive malware implant to steal data from groups with state and political interests. The gang, called Volatile Cedar by researchers at Check Point Software Systems, has been working since 2012 and could...

7.4AI score
Exploits0
NVD
NVD
added 2014/10/19 10:55 a.m.13 views

CVE-2014-7380

The Cedar Kiosk aka com.apps2you.cedarkiosk application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS5.9AI score0.00266EPSS
Exploits0References3
Prion
Prion
added 2014/10/19 10:55 a.m.12 views

Information disclosure

The Cedar Kiosk aka com.apps2you.cedarkiosk application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS6.4AI score0.00266EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder