44 matches found
EUVD-2004-1194
Malware in sbrugna...
EUVD-2017-18024
Malware in sbrugna...
EUVD-2011-1432
Malware in sbrugna...
EUVD-2004-1193
Malware in sbrugna...
Paradox IP150 Internet Module 1.40.00 Cross Site Request Forgery
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Paradox IP150 Internet Module Cross-Site Request Forgery Link: https://github.com/sbaresearch/advisories/tree/public/2024/SBA-ADV-20240321-01ParadoxCrossSiteRequestForgery Vulnerability Overview The Paradox IP150 Internet Module in version 1.40.00 i...
linguistica.insite.com.br Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1085933 Security Researcher haxmov Helped patch 708 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting linguistica.insite.com.br...
Kodak InSite Cross-Site Scripting Vulnerability
Kodak InSite is a WEB-based application. Multiple cross-site scripting vulnerabilities exist in Kodak InSite versions 6.5 through 8.0. A remote attacker can inject arbitrary web script by sending the 'paramFile' parameter to the /Site/Troubleshooting/DiagnosticReport.asp file or...
CVE-2017-9085
Multiple cross-site scripting XSS vulnerabilities in Kodak InSite 6.5 to 8.0 allow remote attackers to inject arbitrary web script via the 1 "paramFile" parameter to /Site/Troubleshooting/DiagnosticReport.asp, or 2 "paramFile" parameter to /Site/Troubleshooting/SpeedTest.asp...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Kodak InSite 6.5 to 8.0 allow remote attackers to inject arbitrary web script via the 1 "paramFile" parameter to /Site/Troubleshooting/DiagnosticReport.asp, or 2 "paramFile" parameter to /Site/Troubleshooting/SpeedTest.asp...
CVE-2017-9085
Multiple cross-site scripting XSS vulnerabilities in Kodak InSite 6.5 to 8.0 allow remote attackers to inject arbitrary web script via the 1 "paramFile" parameter to /Site/Troubleshooting/DiagnosticReport.asp, or 2 "paramFile" parameter to /Site/Troubleshooting/SpeedTest.asp...
CVE-2017-9085
Multiple cross-site scripting XSS vulnerabilities in Kodak InSite 6.5 to 8.0 allow remote attackers to inject arbitrary web script via the 1 "paramFile" parameter to /Site/Troubleshooting/DiagnosticReport.asp, or 2 "paramFile" parameter to /Site/Troubleshooting/SpeedTest.asp...
CVE-2017-9085
Kodak InSite (versions 6.5–8.0) is affected by cross-site scripting (XSS) via the parameterFile parameter to two pages: /Site/Troubleshooting/DiagnosticReport.asp and /Site/Troubleshooting/SpeedTest.asp. The vulnerability allows remote attackers to inject arbitrary web scripts. The sources in the...
Kodak InSite 6.5 <= 8.0 XSS Vulnerability
Kodak InSite is prone to a cross-site scripting XSS vulnerability because it fails to sufficiently sanitize user-supplied data. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Kodak InSite Detection (HTTP)
HTTP based detection of Kodak InSite. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...
Kodak InSite 8.0 Cross Site Scripting
========================================= Class Input Validation Error CVE Remote Yes Local No Credit rsanchezr Vulnerable Kodak InSite 6.5 to 8.0 Kodak InSite is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage...
Trust Management Vulnerabilities in Multiple GE Products (CNVD-2015-05132)
GE Healthcare Millennium MG, NC and MyoSIGHT are General Electric GE scanning camera products for the healthcare industry. A security vulnerability exists in multiple GE products that stems from the use of 'insite.genieacq' which cannot be changed unless the program disables remote InSite-support...
GE Healthcare eNTEGRA P&R Trust Management Vulnerability
GE Healthcare eNTEGRA P&R Processing & Review is a General Electric GE medical nuclear computer system for the healthcare industry. A security vulnerability exists in GE Healthcare eNTEGRA P&R that originates from entegra users using 'entegra' as a password; super users in the Polestar/Polestar-i...
GE Healthcare Discovery XR656 and XR656 G2 Trust Management Vulnerability
The GE Healthcare Discovery XR656 and XR656 G2 are both digital medical radiography systems for the healthcare industry from General Electric GE. A security vulnerability exists in the GE Healthcare Discovery XR656 and XR656 G2 that originates from insite users using '2getin' as password; xruser...
CVE-2014-7232
GE Healthcare Discovery XR656 and XR656 G2 has a password of 1 2getin for the insite user, 2 4$xray for the xruser user, and 3 superxr for the root user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another...
CVE-2002-2446
GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without disabling product functionality for remote InSite support, which has unspecified impact and attack vectors...