Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:2 a.m.8 views

CVE-2019-17114

A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allows remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/userPreregistration.jsp. The preRegistrationData parameter is vulnerable: a reflected cross-site scriptin...

6.1CVSS5.5AI score0.01659EPSS
Exploits3References1
Circl
Circl
added 2024/01/16 2:11 p.m.6 views

CVE-2019-17114

creationtimestamp| type| source ---|---|--- 2024-01-16 14:11:26+00:00| seen| https://t.me/ctinow/168807...

6.1CVSS6.1AI score0.01659EPSS
Exploits3References1
0day.today
0day.today
added 2019/10/22 12:0 a.m.106 views

WiKID Systems 2FA Enterprise Server 4.2.0-b2032 SQL Injection / XSS / CSRF Vulnerabilities

WiKID Systems 2FA Enterprise Server version 4.2.0-b2032 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. WiKID Systems 2FA Enterprise Serverversion 4.2.0-b2032 and earlier was found to be vulnerable to multiple Cross-Site Scripting, SQLi, an...

6.8CVSS0.2AI score0.49955EPSS
Exploits10
Packet Storm
Packet Storm
added 2019/10/18 12:0 a.m.238 views

WiKID Systems 2FA Enterprise Server 4.2.0-b2032 SQL Injection / XSS / CSRF

WiKID Systems 2FA Enterprise Serverversion 4.2.0-b2032 and earlier was found to be vulnerable to multiple Cross-Site Scripting, SQLi, and CSRF issues. searchDevices.jsp is vulnerable to SQL injection through the uid and domain parameters. The application uses Postgres which supports Stacked...

0.4AI score0.49955EPSS
Exploits10
NVD
NVD
added 2019/10/17 6:15 p.m.21 views

CVE-2019-17114

A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allows remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/userPreregistration.jsp. The preRegistrationData parameter is vulnerable: a reflected cross-site scriptin...

6.1CVSS6AI score0.01659EPSS
Exploits3References3
Cvelist
Cvelist
added 2019/10/17 5:44 p.m.19 views

CVE-2019-17114

A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allows remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/userPreregistration.jsp. The preRegistrationData parameter is vulnerable: a reflected cross-site scriptin...

6AI score0.01659EPSS
Exploits3References3
CVE
CVE
added 2019/10/17 5:44 p.m.60 views

CVE-2019-17114

WiKID Systems 2FA Enterprise Server (up to 4.2.0-b2047) is affected by a stored and reflected XSS in the web interface. The vulnerability arises in /WiKIDAdmin/userPreregistration.jsp via the preRegistrationData parameter: a reflected XSS occurs after a .csv upload, and the malicious script is st...

6.1CVSS5.9AI score0.01659EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder