Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:35 a.m.8 views

CVE-2019-7671

Prima Systems FlexAir, Versions 2.3.38 and prior. Parameters sent to scripts are not properly sanitized before being returned to the user, which may allow an attacker to execute arbitrary code in a user’s browser session in context of an affected site...

9CVSS7.6AI score0.08256EPSS
Exploits5References1
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.99 views

Prima Access Control 2.3.35 - HwName Persistent Cross-Site Scripting

Prima Access Control 2.3.35 - HwName Persistent Cross-Site Scripting Exploit Title: Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...

3.5CVSS8.8AI score0.08256EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/11/12 12:0 a.m.100 views

Prima Access Control 2.3.35 Cross Site Scripting

Prima Access Control 2.3.35 Authenticated Stored XSS CVE: CVE-2019-7671 Advisory: https://applied-risk.com/resources/ar-2019-007 Discovered by Gjoko 'LiquidWorm' Krstic POST /bin/sysfcgi.fx HTTP/1.1 Host: 192.168.13.37 Connection: keep-alive Content-Length: 265 Origin: https://192.168.13.37...

3.5CVSS0.6AI score0.08256EPSS
Exploits5
0day.today
0day.today
added 2019/11/12 12:0 a.m.112 views

Prima Access Control 2.3.35 - (HwName) Persistent Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...

7.1AI score0.08256EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/11/12 12:0 a.m.123 views

Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting

Exploit Title: Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/ Version:...

9CVSS7AI score0.08256EPSS
Exploits5
CVE
CVE
added 2019/06/05 6:53 p.m.91 views

CVE-2019-7671

CVE-2019-7671 affects Prima Systems FlexAir (Versions 2.3.38 and earlier). The issue is an authenticated Stored XSS vector where parameters sent to scripts are not properly sanitized, potentially allowing code execution in a user’s browser context. Public PoCs exist (e.g., HwName Stored XSS via P...

9CVSS7.7AI score0.08256EPSS
Exploits5References5Affected Software1
Rows per page
Query Builder