CVE-2022-0954 Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in microweber/microweber

Multiple Stored Cross-site Scripting XSS Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11...

CVE-2021-38154

Certain Canon devices manufactured in 2012 through 2020 such as imageRUNNER ADVANCE iR-ADV C5250, when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail to the attacker. For...

CVE-2021-38154

The CVE-2021-38154 entry concerns Canon imageRUNNER ADVANCE devices (e.g., iR-ADV C5250). When Catwalk Server is enabled and HTTP access is allowed, unauthenticated remote attackers can modify an e-mail address setting due to an authentication bypass in Catwalk Server (PIN not required for Genera...

VulnCheck KEV: CVE-2021-38154

Certain Canon devices manufactured in 2012 through 2020 such as imageRUNNER ADVANCE iR-ADV C5250, when Catwalk Server is enabled for HTTP access, allow remote attackers to modify an e-mail address setting, and thus cause the device to send sensitive information through e-mail to the attacker...