Lucene search
K

514 matches found

RedhatCVE
RedhatCVE
added 2025/09/26 2:48 p.m.4 views

CVE-2025-10949

A vulnerability was found in Changsha Developer Technology iView Editor up to 1.1.1. This impacts an unknown function of the component Markdown Handler. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used. T...

4.8CVSS5.2AI score0.00246EPSS
Exploits0References1
NVD
NVD
added 2025/09/25 3:16 p.m.8 views

CVE-2025-10949

A vulnerability was found in Changsha Developer Technology iView Editor up to 1.1.1. This impacts an unknown function of the component Markdown Handler. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used. T...

4.8CVSS0.00246EPSS
Exploits0References4
CVE
CVE
added 2025/09/25 2:32 p.m.10 views

CVE-2025-10949

CVE-2025-10949 affects Changsha Developer Technology iView Editor

4.8CVSS5AI score0.00246EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/25 2:32 p.m.10 views

CVE-2025-10949 Changsha Developer Technology iView Editor Markdown cross site scripting

A vulnerability was found in Changsha Developer Technology iView Editor up to 1.1.1. This impacts an unknown function of the component Markdown Handler. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used. T...

4.8CVSS0.00246EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/09/25 2:32 p.m.2 views

CVE-2025-10949 Changsha Developer Technology iView Editor Markdown cross site scripting

A vulnerability was found in Changsha Developer Technology iView Editor up to 1.1.1. This impacts an unknown function of the component Markdown Handler. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used. T...

4.8CVSS5AI score0.00246EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/09/25 12:0 a.m.5 views

iView Editor 代码注入漏洞

iView Editor is an editor for iView open source. A code injection vulnerability exists in iView Editor 1.1.1 and earlier versions, which stems from improper handling of the component Markdown Handler, and could lead to cross-site scripting attacks...

4.8CVSS4.2AI score0.00246EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/25 12:0 a.m.5 views

PT-2025-39392

Name of the Vulnerable Software and Affected Versions Changsha Developer Technology iView Editor versions up to 1.1.1 Description A flaw exists in the Markdown Handler component of the software that allows for cross site scripting. The issue is remotely exploitable and details of the exploit are...

4.8CVSS3AI score0.00246EPSS
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in iview-cacscader-multi (npm)

The package iview-cacscader-multi was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-23479 Malicious code in iview-cacscader-multi (npm)

The package iview-cacscader-multi was found to contain malicious code...

7.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.10 views

The vulnerability of the centralized control system for network devices and ports of Advantech iView, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the centralized control system for network devices and ports of Advantech iView is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...

6.4CVSS5.4AI score0.00194EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.7 views

Vulnerability of the NetworkServlet.archiveTrapRange() function in the system for centrally managing network devices and ports of Advantech iView. This vulnerability allows a attacker to execute arbitrary code.

The vulnerability of the NetworkServlet.archiveTrapRange function in the system for managing network devices and ports of Advantech iView is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

9CVSS6AI score0.005EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.6 views

The vulnerability of the CUtils.checkSQLInjection() function in the centralized device and port management system of Advantech iView allows a attacker to disclose sensitive information or cause service failures.

The vulnerability of the CUtils.checkSQLInjection function in the centralized device and port management system of Advantech iView is related to the lack of protective measures for SQL query structures. Exploiting this vulnerability can allow an attacker to disclose sensitive information or cause...

8CVSS5.5AI score0.00271EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.8 views

The vulnerability of the centralized control system for network devices and ports of Advantech iView, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the centralized control system for network devices and ports of Advantech iView is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...

6.4CVSS5.4AI score0.00194EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.9 views

The vulnerability of the centralized control system for network devices and ports of Advantech iView, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the centralized control system for network devices and ports of Advantech iView is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...

6.4CVSS5.4AI score0.00194EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.7 views

The vulnerability of the NetworkServlet.backupDatabase() function in the system for centrally managing network devices and ports of the Advantech iView platform allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NetworkServlet.backupDatabase function in the system for centrally managing network devices and ports of the Advantech iView family is related to the implementation or modification of arguments. Exploiting this vulnerability could allow an attacker to gain unauthorized...

6.8CVSS5.5AI score0.00282EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.6 views

Vulnerability of the NetworkServlet.restoreDatabase() function in the system for centrally managing network devices and ports of the Advantech iView, allowing a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NetworkServlet.restoreDatabase function in the system for centrally managing network devices and ports of the Advantech iView platform is related to the implementation or modification of arguments. Exploiting this vulnerability could allow an attacker to gain unauthorized...

6.8CVSS5.5AI score0.00286EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.9 views

The vulnerability of the NetworkServlet.processImportRequest() function in the system for centrally managing network devices and ports of the Advantech iView platform allows a hacker to disclose protected information.

The vulnerability of the NetworkServlet.processImportRequest function in the system for centrally managing network devices and ports of the Advantech iView platform is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a maliciou...

4.3CVSS5.5AI score0.03317EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.20 views

The vulnerability of the NetworkServlet.getNextTrapPage() function in the system for centrally managing network devices and ports of Advantech iView allows a hacker to execute arbitrary code.

The vulnerability of the NetworkServlet.getNextTrapPage function in the system for centrally managing network devices and ports of Advantech iView is related to the lack of security measures for SQL query structures. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS6.1AI score0.0428EPSS
Exploits0References3
CNVD
CNVD
added 2025/07/18 12:0 a.m.4 views

Advantech iView Cross-Site Scripting Vulnerability (CNVD-2025-17826)

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. A cross-site scripting vulnerability exists in Advantech iView due to improper validation of user-supplied input. An attacker could use this vulnerability to execute...

6.1CVSS5.9AI score0.00194EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/18 12:0 a.m.2 views

Advantech iView NetworkServlet.archiveTrap Function SQL Injection Vulnerability

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. An SQL injection vulnerability exists in the Advantech iView NetworkServlet.archiveTrap function. An attacker can exploit this vulnerability to perform SQL injection and execu...

8.8CVSS8.3AI score0.005EPSS
Exploits0References1
Rows per page
Query Builder