CVE-2019-25324 RICOH Web Image Monitor 1.09 - HTML Injection

RICOH Web Image Monitor 1.09 contains an HTML injection vulnerability in the address configuration CGI script that allows attackers to inject malicious HTML code. Attackers can exploit the entryNameIn and entryDisplayNameIn parameters to insert arbitrary HTML content, potentially enabling...

CVE-2019-25324 RICOH Web Image Monitor 1.09 - HTML Injection

RICOH Web Image Monitor 1.09 contains an HTML injection vulnerability in the address configuration CGI script that allows attackers to inject malicious HTML code. Attackers can exploit the entryNameIn and entryDisplayNameIn parameters to insert arbitrary HTML content, potentially enabling...

CVE-2019-25324

CVE-2019-25324 affects RICOH Web Image Monitor version 1.09. It describes an HTML injection vulnerability in the address configuration CGI script, where the entryNameIn and entryDisplayNameIn parameters can be used to inject arbitrary HTML content, potentially enabling cross-site scripting. The v...

Ricoh Web Image Monitor 跨站脚本漏洞

Ricoh Web Image Monitor is a network management interface for multifunctional printing devices from the Japanese company Ricoh. It provides remote monitoring and configuration capabilities. Version 1.09 of RICOH Web Image Monitor contains a cross-site scripting vulnerability. This vulnerability...

EUVD-2019-3505

Malware in sbrugna...

RICOH SP 4510SF Printer HTML Injection

Exploit Title: RICOH SP 4510SF Printer - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support.ricoh.com/bb/html/drute/re1/model/sp4510/sp4510.htm Software: RICOH Printer Product Version: SP 4510SF Vulernability Type:...

RICOH SP 4510SF Cross-Site Scripting Vulnerability

The RICOH SP 4510SF is a multifunction printer device from Ricoh Japan. A cross-site scripting vulnerability exists in the address addition area of the RICOH SP 4510SF, which arises from the program failing to properly validate user-submitted input. An attacker can exploit this vulnerability by...

RICOH MP C307 Cross-Site Scripting Vulnerability

The RICOH MP C307 is a multifunction printer device from Ricoh Japan. A cross-site scripting vulnerability exists in the address addition area of the RICOH MP C307. A remote attacker can exploit this vulnerability by sending the 'entryNameIn' parameter to the...

RICOH Aficio MP 305+ Cross-Site Scripting Vulnerability

The RICOH Aficio MP 305+ is a multifunction printer device from Ricoh Japan. A cross-site scripting vulnerability exists in the address add area in the RICOH Aficio MP 305+. A remote attacker can exploit this vulnerability by sending the 'entryNameIn' parameter to the...

RICOH Aficio MP 301 Cross-Site Scripting Vulnerability

The RICOH Aficio MP 301 is a multifunction printer device from Ricoh Japan. A cross-site scripting vulnerability exists in the address add area in the RICOH Aficio MP 301. A remote attacker can exploit this vulnerability by sending the 'entryNameIn' parameter to the...

Ricoh MP C2003 Cross-Site Scripting Vulnerability

The Ricoh MP C2003 is a multifunction printer device from Ricoh Japan. A cross-site scripting vulnerability exists in the address addition area of the Ricoh MP C2003. A remote attacker can exploit this vulnerability by sending the 'entryNameIn' parameter to the...

RICOH MP C1803 JPN Printer Cross-Site Scripting Vulnerability

The RICOH MP C1803 JPN is a multifunction printer device from Ricoh Japan. A cross-site scripting vulnerability exists in the add address area of the RICOH MP C1803 JPN printer. A remote attacker can exploit this vulnerability by sending the 'entryNameIn' parameter to the...

RICOH MP C6503 Plus Cross-Site Scripting Vulnerability

The RICOH MP C6503 Plus is a multifunction printer device from Ricoh Japan. A cross-site scripting vulnerability exists in the address add area in the RICOH MP C6503 Plus. A remote attacker can exploit this vulnerability by sending the 'entryNameIn' parameter to the...

RICOH MP C406Z Cross-Site Scripting Vulnerability

The RICOH MP C406Z is a multifunction printer device from Ricoh Japan. A cross-site scripting vulnerability exists in the address add area in the RICOH MP C406Z. A remote attacker can exploit this vulnerability by sending the 'entryNameIn' parameter to the...

CVE-2018-17316

On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi...

Cross site scripting

On the RICOH MP C307 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi...

CVE-2018-17309

The CVE-2018-17309 entry concerns the Ricoh MP C406Z multifunction printer. Affected component: the address management web interface, specifically the /web/entry/en/address/adrsSetUserWizard.cgi endpoint. Vulnerability type: HTML Injection and Stored XSS in the area where addresses are added via ...

CVE-2018-17313

RICOH MP C307 is affected by CVE-2018-17313: HTML Injection and Stored XSS in the address-adding flow via /web/entry/en/address/adrsSetUserWizard.cgi, triggered by the entryNameIn parameter. Impact is stored XSS in the web context; CVSS2 base 4.3 (NETWORK, MEDIUM) and CVSS3 base 6.1 (NETWORK, LOW...

CVE-2018-17312

On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi...

CVE-2018-17316

On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi...