6 matches found
CVE-2016-20032
ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads through the 'holidayname' and 'memo' POST parameters. Attackers can submit crafted requests with script code i...
EUVD-2017-9131
Malware in sbrugna...
CVE-2017-17989
Biometric Shift Employee Management System has XSS via the index.php holidayname parameter in an editholiday action...
CVE-2017-17989
The vulnerability described for CVE-2017-17989 affects the Biometric Shift Employee Management System. The issue is a Cross-Site Scripting (XSS) flaw that can be triggered via the index.php holiday_name parameter in the edit_holiday action. According to the available data, this is the scope, with...
ZKTeco ZKAccess Security System 5.3.1 - stored XSS
Application description ZKAccess systems are built on flexible, open technology to provide management, real-time monitoring and control of your access control changes, access via a browser,without the need to install additional software. Security infrastructure devices centralized management,...
ZKTeco ZKAccess Security System 5.3.1 Stored XSS Vulnerability
Summary ZKAccess Systems are built on flexible, open technology to provide management, real-time monitoring, and control of your access control system-all from a browser, with no additional software to install. Our secure Web-hosted infrastructure and centralized online administration reduce your...