CVE-2019-18265

Digital Alert Systems’ DASDEC software prior to version 4.1 contains a cross-site scripting XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The injected content is stored in...

EUVD-2022-43504

Malicious code in bioql PyPI...

CVE-2022-40204

A cross-site scripting XSS vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login...

CVE-2022-40204

A cross-site scripting XSS vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login...

Cross site scripting

A cross-site scripting XSS vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login...

CVE-2019-18265

Digital Alert Systems’ DASDEC software prior to version 4.1 contains a cross-site scripting XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The injected content is stored in...

CVE-2019-18265

Digital Alert Systems’ DASDEC software prior to version 4.1 contains a cross-site scripting XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The injected content is stored in...

Cross site scripting

Digital Alert Systems’ DASDEC software prior to version 4.1 contains a cross-site scripting XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The injected content is stored in...

CVE-2022-40204

A cross-site scripting XSS vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login...

CVE-2022-40204

A cross-site scripting XSS vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login...

CVE-2022-40204

CVE-2022-40204 is an XSS in Digital Alert Systems DASDEC software, affecting all current versions via the Host Header on undisclosed pages after login. The vulnerability is documented across multiple feeds: NVD lists CVSS v3.1 base score 4.1 (I/L, C/N, A/N) with network attack vector, low complex...

CVE-2019-18265

Digital Alert Systems’ DASDEC software prior to version 4.1 contains a cross-site scripting XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The injected content is stored in...

CVE-2019-18265

Digital Alert Systems’ DASDEC software prior to version 4.1 contains a cross-site scripting XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The injected content is stored in...

CVE-2019-18265

Digital Alert Systems’ DASDEC software prior to version 4.1 is affected by CVE-2019-18265, an XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the login page’s SSH username field or the HTTP Host header. The injected content is stored in logs and rendered ...

PT-2022-25281 · Digital Alert Systems · Dasdec

Name of the Vulnerable Software and Affected Versions: Digital Alert Systems DASDEC software affected versions not specified Description: A cross-site scripting XSS issue exists in the Digital Alert Systems DASDEC software. This issue is related to the Host Header in undisclosed pages after login...

PT-2022-8170 · Digital Alert Systems · Dasdec

Name of the Vulnerable Software and Affected Versions: Digital Alert Systems' DASDEC software versions prior to 4.1 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The inject...

Digital Alert Systems DASDEC EAS Cross-Site Scripting Vulnerability

Digital Alert Systems DASDEC EAS is a digital alert system from Digital Alert Systems in the United States. A cross-site scripting vulnerability exists in all current versions of Digital Alert Systems DASDEC, which stems from a lack of effective filtering and escaping of user-supplied data on an...

Digital Alert Systems DASDEC

1. EXECUTIVE SUMMARY CVSS v3 4.7 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Digital Alert Systems Equipment: DASDEC Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities might result in false alerts...

U.S Emergency broadcast System vulnerable to hackers

A major vulnerability has been discovered in the U.S. Emergency Alert System, researchers have warned.that could allow hackers to break into the system and broadcast fake messages to the United States. According to a new report by security firm IOActive, U.S. Emergency Alert System, the system us...

U.S Emergency broadcast System vulnerable to hackers

A major vulnerability has been discovered in the U.S. Emergency Alert System, researchers have warned.that could allow hackers to break into the system and broadcast fake messages to the United States. According to a new report by security firm IOActive, U.S. Emergency Alert System, the system us...