514 matches found
CVE-2025-10949
A vulnerability was found in Changsha Developer Technology iView Editor up to 1.1.1. This impacts an unknown function of the component Markdown Handler. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used. T...
CVE-2025-10949
A vulnerability was found in Changsha Developer Technology iView Editor up to 1.1.1. This impacts an unknown function of the component Markdown Handler. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used. T...
CVE-2025-10949
CVE-2025-10949 affects Changsha Developer Technology iView Editor
CVE-2025-10949 Changsha Developer Technology iView Editor Markdown cross site scripting
A vulnerability was found in Changsha Developer Technology iView Editor up to 1.1.1. This impacts an unknown function of the component Markdown Handler. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used. T...
CVE-2025-10949 Changsha Developer Technology iView Editor Markdown cross site scripting
A vulnerability was found in Changsha Developer Technology iView Editor up to 1.1.1. This impacts an unknown function of the component Markdown Handler. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used. T...
iView Editor 代码注入漏洞
iView Editor is an editor for iView open source. A code injection vulnerability exists in iView Editor 1.1.1 and earlier versions, which stems from improper handling of the component Markdown Handler, and could lead to cross-site scripting attacks...
PT-2025-39392
Name of the Vulnerable Software and Affected Versions Changsha Developer Technology iView Editor versions up to 1.1.1 Description A flaw exists in the Markdown Handler component of the software that allows for cross site scripting. The issue is remotely exploitable and details of the exploit are...
Malicious code in iview-cacscader-multi (npm)
The package iview-cacscader-multi was found to contain malicious code...
MAL-2025-23479 Malicious code in iview-cacscader-multi (npm)
The package iview-cacscader-multi was found to contain malicious code...
The vulnerability of the centralized control system for network devices and ports of Advantech iView, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.
The vulnerability of the centralized control system for network devices and ports of Advantech iView is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...
Vulnerability of the NetworkServlet.archiveTrapRange() function in the system for centrally managing network devices and ports of Advantech iView. This vulnerability allows a attacker to execute arbitrary code.
The vulnerability of the NetworkServlet.archiveTrapRange function in the system for managing network devices and ports of Advantech iView is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
The vulnerability of the CUtils.checkSQLInjection() function in the centralized device and port management system of Advantech iView allows a attacker to disclose sensitive information or cause service failures.
The vulnerability of the CUtils.checkSQLInjection function in the centralized device and port management system of Advantech iView is related to the lack of protective measures for SQL query structures. Exploiting this vulnerability can allow an attacker to disclose sensitive information or cause...
The vulnerability of the centralized control system for network devices and ports of Advantech iView, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.
The vulnerability of the centralized control system for network devices and ports of Advantech iView is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...
The vulnerability of the centralized control system for network devices and ports of Advantech iView, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.
The vulnerability of the centralized control system for network devices and ports of Advantech iView is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...
The vulnerability of the NetworkServlet.backupDatabase() function in the system for centrally managing network devices and ports of the Advantech iView platform allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the NetworkServlet.backupDatabase function in the system for centrally managing network devices and ports of the Advantech iView family is related to the implementation or modification of arguments. Exploiting this vulnerability could allow an attacker to gain unauthorized...
Vulnerability of the NetworkServlet.restoreDatabase() function in the system for centrally managing network devices and ports of the Advantech iView, allowing a perpetrator to gain unauthorized access to protected information.
The vulnerability of the NetworkServlet.restoreDatabase function in the system for centrally managing network devices and ports of the Advantech iView platform is related to the implementation or modification of arguments. Exploiting this vulnerability could allow an attacker to gain unauthorized...
The vulnerability of the NetworkServlet.processImportRequest() function in the system for centrally managing network devices and ports of the Advantech iView platform allows a hacker to disclose protected information.
The vulnerability of the NetworkServlet.processImportRequest function in the system for centrally managing network devices and ports of the Advantech iView platform is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a maliciou...
The vulnerability of the NetworkServlet.getNextTrapPage() function in the system for centrally managing network devices and ports of Advantech iView allows a hacker to execute arbitrary code.
The vulnerability of the NetworkServlet.getNextTrapPage function in the system for centrally managing network devices and ports of Advantech iView is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Advantech iView Cross-Site Scripting Vulnerability (CNVD-2025-17826)
Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. A cross-site scripting vulnerability exists in Advantech iView due to improper validation of user-supplied input. An attacker could use this vulnerability to execute...
Advantech iView NetworkServlet.archiveTrap Function SQL Injection Vulnerability
Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. An SQL injection vulnerability exists in the Advantech iView NetworkServlet.archiveTrap function. An attacker can exploit this vulnerability to perform SQL injection and execu...