43 matches found
CVE-2022-23397
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no...
CVE-2022-23397
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no...
Cross site scripting
DISPUTED The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im referenc...
PT-2022-15974 · Cedar Gate · Cedar Gate Ez-Net Portal
Name of the Vulnerable Software and Affected Versions: Cedar Gate EZ-NET portal versions 6.5.5 through 6.8.0 Description: The issue arises from a call to display messages to users that does not properly sanitize data sent through a URL parameter, leading to a Reflected Cross-Site Scripting...
CVE-2022-23397
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no...
CVE-2022-23397
The CVE-2022-23397 entry affects Cedar Gate EZ-NET Portal versions 6.5.5 through 6.8.0. A vulnerability exists in the portal’s handling of URL parameters during the display of messages to users, where data sent via the URL is not properly sanitized, enabling Reflected Cross-Site Scripting. The is...
CVE-2022-23397
The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has "no...
Cedar Gate EZ-NET 跨站脚本漏洞
Cedar Gate EZ-NET is an Internet portal application from Cedar UK. A cross-site scripting vulnerability exists in The Cedar Gate EZ-NET 6.5.5, 6.6.3, 6.7.0, and 6.8.0 that stems from The Cedar Gate EZ-NET 6.5.5, and 6.8.0 having a call to display messages to the user that do not correctly clean u...
CVE-2021-38783
There is a Out-of-Bound Write in the Allwinner R818 SoC Android Q SDK V1.0 camera driver "/dev/cedardev" through iotcl cmd IOCTLSETPROCINFO and IOCTLCOPYPROCINFO, which could cause a system crash or EoP...
Hezbollah-Linked Lebanese Cedar APT Infiltrates Hundreds of Servers
Advanced persistent threat APT group Lebanese Cedar has compromised at least 250 public-facing servers since early 2020, researchers said, with its latest malware. The group has added new features to its custom “Caterpillar” webshell and the “Explosive RAT” remote access trojan RAT, both of which...
Hezbollah Hacker Group Targeted Telecoms, Hosting, ISPs Worldwide
A "persistent attacker group" with alleged ties to Hezbollah has retooled its malware arsenal with a new version of a remote access Trojan RAT to break into companies worldwide and extract valuable information. In a new report published by the ClearSky research team on Thursday, the Israeli...
cedarlakeinstruments.com XSS vulnerability
Open Bug Bounty ID: OBB-702318 Description| Value ---|--- Affected Website:| cedarlakeinstruments.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:...
cedar-craft.com XSS vulnerability
Open Bug Bounty ID: OBB-664394 Description| Value ---|--- Affected Website:| cedar-craft.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
cedarrapids.kernels.milb.com XSS vulnerability
Vulnerable URL: http://cedarrapids.kernels.milb.com/index.jsp?sid=t492%22/%3E%3Cscript%3Ealert%27OPENBUGBOUNTY%27%3C/script%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknow...
Cedar Point VR - External URLs, Native code usage, SD-card access vulnerabilities
HackApp vulnerability scanner discovered that application Cedar Point VR published at the 'play' market has multiple vulnerabilities...
cedarfallsbaptistchurch.org XSS vulnerability
Vulnerable URL: http://www.cedarfallsbaptistchurch.org/search.php?pageID=search= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 1 VIP...
cedarbluffsschools.org XSS vulnerability
Vulnerable URL: http://www.cedarbluffsschools.org/cs/forgot.v Details: Description| Value ---|--- Patched:| Yes, at 29.11.2015 Latest check for patch:| 29.11.2015 12:48 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 16392549 Google Pagerank| 3 VIP website...
Volatile Cedar APT Group First Operating Out of Lebanon
An APT group with its sights on selective targets, most of those in Israel, has been using an elusive malware implant to steal data from groups with state and political interests. The gang, called Volatile Cedar by researchers at Check Point Software Systems, has been working since 2012 and could...
CVE-2014-7380
The Cedar Kiosk aka com.apps2you.cedarkiosk application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The Cedar Kiosk aka com.apps2you.cedarkiosk application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...