co.luminositylabs.oss.ica.migration:legacy-data-viewer-webapp (=0.2.0), com.aripd:aricom (=1.0) +13 more potentially affected by CVE-2026-41883 via org.omnifaces:omnifaces (>=2.1 <=2.7.1)

org.omnifaces:omnifaces MAVEN version =2.1, =2.2.3, =2.2.3, =2.2.3, =2.2.3, =2.2.3, =1.0.0-RC1, =1.0.0, =0.1, =0.14 Source cves: CVE-2026-41883 Source advisory: OSV:GHSA-VP6R-9M58-5XV8...

CVE-2020-9025

Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters of the Start Data Viewer feature of the /cgi-bin/loaddata.py script...

PHP Point of Sale 安全漏洞

PHP Point of Sale is an online point of sale system for small retail businesses from PHP Point of Sale, Inc. A security vulnerability exists in PHP Point of Sale LLC version 19.0, which stems from the fact that the application has been determined to allow malicious code to be embedded into export...

Aanderaa GeoView SQL注入漏洞

Aanderaa GeoView is a web-based solution for displaying environmental data. Aanderaa GeoView suffers from a SQL injection vulnerability that can be exploited by an attacker to manipulate the database server...

Iteris Vantage Velocity Field Unit Cross-Site Scripting Vulnerability

The Iteris Vantage Velocity Field Unit is a road monitoring field unit from Iteris USA. A cross-site scripting vulnerability exists in all parameters of the Start Data Viewer function of the /cgi-bin/loaddata.py script in the Iteris Vantage Velocity Field Unit version 2.4.2. The vulnerability ste...

CVE-2020-9025

Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters of the Start Data Viewer feature of the /cgi-bin/loaddata.py script...

CVE-2020-9025

Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters of the Start Data Viewer feature of the /cgi-bin/loaddata.py script...

Cross site scripting

Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters of the Start Data Viewer feature of the /cgi-bin/loaddata.py script...

CVE-2020-9025

Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters of the Start Data Viewer feature of the /cgi-bin/loaddata.py script...

CVE-2018-5176

The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" links, users may be tricked into clicking and running this code in the context of the JSON Viewer. Thi...

Cisco Intelligent Automation for Cloud Form Data Viewer Utility Vulnerability

A vulnerability in the Form Data Viewer utility of Cisco Intelligent Automation for Cloud could allow an authenticated, remote attacker to view passwords of provisioned systems. The vulnerability is due to the inclusion of passwords in the form data. An attacker could exploit this vulnerability b...

CVE-2014-3298

Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords in form data, which allows remote authenticated users to obtain sensitive information by reading HTML source code, aka Bug ID CSCui36976...

Information disclosure

Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords in form data, which allows remote authenticated users to obtain sensitive information by reading HTML source code, aka Bug ID CSCui36976...

CVE-2014-3298

The CVE-2014-3298 issue affects Cisco Intelligent Automation for Cloud, specifically the Cloud Portal’s Form Data Viewer Utility. The root cause is that passwords are placed in form data and can be read from the HTML source of the vulnerable page, enabling an authenticated, remote attacker to obt...