CVE-2024-51211

openSIS-Classic 9.1 (OS4ED) contains a SQL injection in resetuserinfo.php via improper input validation of the username_stn_id parameter, enabling an attacker to inject arbitrary SQL commands. Affected component/file: resetuserinfo.php in OS4ED openSIS-Classic version 9.1. Root cause: insufficien...

Carrier MASmobile Security Breach

Carrier MASmobile is a dedicated MASterMind service from Carrier Corporation of America. It allows authorized central station personnel and dealers to use mobile devices to manage customer data, turn system tests on or off, and view system event history, test history and system zones. A security...

CVE-2021-40542

Opensis-Classic Version 8.0 is affected by cross-site scripting XSS. An unauthenticated user can inject and execute JavaScript code through the linkurl parameter in Ajaxurlencode.php...

CVE-2021-40543

Opensis-Classic Version 8.0 is affected by a SQL injection vulnerability due to a lack of sanitization of input data at two parameters $GET'usrid' and $GET'profid' in the PasswordCheck.php file...

CVE-2021-40542

Opensis-Classic Version 8.0 is affected by cross-site scripting XSS. An unauthenticated user can inject and execute JavaScript code through the linkurl parameter in Ajaxurlencode.php...

Input validation

Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Insufficient input validation vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user...