EUVD-2017-12859

Malware in sbrugna...

CVE-2021-43960

Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title,...

CVE-2021-43960

Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title,...

CVE-2021-43960

Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title,...

Cross site scripting

DISPUTED Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Pa...

CVE-2021-43960

Lorensbergs Connect2 3.13.7647.20190 is affected by a cross-site scripting (XSS) vulnerability. An administrator can inject an XSS payload through the Wizard editor by entering it in fields such as Page title, Page Instructions, Text before, Text after, or Text on side box and saving; the payload...

CVE-2021-43960

Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title,...

Lorensbergs Connect2 跨站脚本漏洞

Lorensbergs Connect2 is a one-stop booking software solution for all university campus resources, events and student services from Lorensbergs UK. A cross-site scripting vulnerability exists in Lorensbergs Connect2 version 3.13.7647.20190, which originates in the wizard editor for "Page Title",...

PT-2022-11957 · Lorensbergs · Lorensbergs Connect2

Name of the Vulnerable Software and Affected Versions: Lorensbergs Connect2 version 3.13.7647.20190 Description: The issue concerns an XSS vulnerability that requires administrator privileges to exploit. It is performed through the Wizard editor of the application, where an administrator must ent...

Lenovo Connect2 Information Disclosure Vulnerability

Lenovo Connect2 is a free management tool for transferring content between computers and cell phones from the Chinese company Lenovo. A security vulnerability exists in Lenovo Connect2 that stems from the program storing ad-hoc connection passwords in a user-readable location. An attacker could u...

CVE-2017-3742

In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password for this ad-hoc connection will be stored in a user-readable location. An attacker with read access to t...

Code injection

In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password for this ad-hoc connection will be stored in a user-readable location. An attacker with read access to t...

CVE-2017-3742

In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password for this ad-hoc connection will be stored in a user-readable location. An attacker with read access to t...

CVE-2017-3742

In Lenovo Connect2 versions earlier than 4.2.5.4885 for Windows and 4.2.5.3071 for Android, when an ad-hoc connection is made between two systems for the purpose of sharing files, the password for this ad-hoc connection will be stored in a user-readable location. An attacker with read access to t...

CVE-2017-3742

CVE-2017-3742 details from Lenovo advisory: Lenovo Connect2 stores the ad-hoc connection password in a user-readable location on Windows builds before 4.2.5.4885 and Android builds before 4.2.5.3071. This allows an attacker with access to the user’s files to view the contents being transferred vi...

Lenovo Connect2 Ad-hoc Wifi Network Key Stored in User-readable Location - us

Lenovo Security Advisory: LEN-14398 Potential Impact: Disclosure of ad-hoc wifi network key stored in user-readable location Severity: Medium Scope of Impact: Lenovo Specific CVE Identifier: CVE-2017-3742 Summary Description: An internal assessment has identified a vulnerability in Lenovo Connect...

Lenovo Connect2 Ad-hoc Wifi Network Key Stored in User-readable Location - Lenovo Support US

No description provided...