Lucene search
K

4 matches found

CVE
CVE
added 2019/09/05 1:23 p.m.79 views

CVE-2019-10677

CVE-2019-10677 affects DASAN Zhone ZNID GPON 2426A EU (S3.1.285 and earlier). The flaw is a lack of proper validation/sanitization in the web interface, enabling Cross-Site Scripting via unsanitized GET parameters: /zhndnsdisplay.cmd (name) and /wlsecrefresh.wl (wlWscCfgMethod, wl_wsc_reg). Docum...

6.1CVSS6.1AI score0.07253EPSS
Exploits5References4Affected Software1
0day.today
0day.today
added 2019/09/05 12:0 a.m.53 views

DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting Vulnerabilities

Exploit for hardware platform in category web applications Multiple Cross-Site Scripting XSS in the web interface of DASAN Zhone ZNID GPON 2426A EU version S3.1.285 application allows a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameters. Exploit Titl...

4.3CVSS0.07253EPSS
Exploits5
exploitpack
exploitpack
added 2019/09/04 12:0 a.m.51 views

DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting

DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting Multiple Cross-Site Scripting XSS in the web interface of DASAN Zhone ZNID GPON 2426A EU version S3.1.285 application allows a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameters. Exploit...

4.3CVSS6.2AI score0.07253EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/04 12:0 a.m.350 views

DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting

Multiple Cross-Site Scripting XSS in the web interface of DASAN Zhone ZNID GPON 2426A EU version S3.1.285 application allows a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameters. Exploit Title: Multiple Cross-Site Scripting XSS in DASAN Zhone ZNID GP...

6.1CVSS6.5AI score0.07253EPSS
Exploits5
Rows per page
Query Builder