11 matches found
CVE-2025-12699
The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled strings placed into PCR fields run number, incident, call sign, notes are interpreted as HTML/JS when the app prints or renders that content. In the proof of concept POC, injected scripts return loca...
CVE-2025-12699
The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled strings placed into PCR fields run number, incident, call sign, notes are interpreted as HTML/JS when the app prints or renders that content. In the proof of concept POC, injected scripts return loca...
CVE-2025-12699 ZOLL ePCR IOS Mobile Application Insertion of Sensitive Information into Externally-Accessible File or Directory
The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled strings placed into PCR fields run number, incident, call sign, notes are interpreted as HTML/JS when the app prints or renders that content. In the proof of concept POC, injected scripts return loca...
CVE-2025-12699
The CVE-2025-12699 entry concerns the ZOLL ePCR iOS Mobile Application. The issue arises when unsanitized user input inserted into a WebView (PCR fields: run number, incident, call sign, notes) is interpreted as HTML/JS. In the provided POC, injected scripts could read local files from the app’s ...
CVE-2025-12699
The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled strings placed into PCR fields run number, incident, call sign, notes are interpreted as HTML/JS when the app prints or renders that content. In the proof of concept POC, injected scripts return loca...
CVE-2025-12699 ZOLL ePCR IOS Mobile Application Insertion of Sensitive Information into Externally-Accessible File or Directory
The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled strings placed into PCR fields run number, incident, call sign, notes are interpreted as HTML/JS when the app prints or renders that content. In the proof of concept POC, injected scripts return loca...
CVE-2021-41614
The CVE-2021-41614 issue affects the OpenRISC mor1kx processor controller unit, where the EPCR read/write permissions are not enforced correctly, allowing read/write access to EPCR from an unauthorized privilege level. Root cause: incorrect implementation of EPCR access control in the controller ...
CVE-2021-41614
An issue was discovered in the controller unit of the OpenRISC mor1kx processor. The read/write access permissions to the Exception Program Counter Register EPCR are not implemented correctly. User programs from an unauthorized privilege level can make read/write accesses to EPCR...
Zoll ePCR 2.6.4 Script Insertion
Document Title: =============== Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1882 Release Date: ============= 2016-08-01 Vulnerability Laboratory ID VL-ID: ====================================...
Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities
Document Title: =============== Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1882 Release Date: ============= 2016-08-01 Vulnerability Laboratory ID VL-ID: ====================================...
Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities
Document Title: =============== Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1882 Release Date: ============= 2016-07-31 Vulnerability Laboratory ID VL-ID: ====================================...