EUVD-2016-10819

ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads through the 'holidayname' and 'memo' POST parameters. Attackers can submit crafted requests with script code i...

CVE-2016-20032

ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads through the 'holidayname' and 'memo' POST parameters. Attackers can submit crafted requests with script code i...

ZKTeco ZKAccess Security System 跨站脚本漏洞

ZKTeco ZKAccess Security System is an access control and security management system developed by ZKTeco Technology. Version 5.3.1 of ZKTeco ZKAccess Security System contains a cross-site scripting vulnerability. This vulnerability arises from improper cleaning of the holidayname and memo POST...

CVE-2016-20032

The CVE-2016-20032 issue affects ZKTeco ZKAccess Security System version 5.3.1. A stored cross-site scripting vulnerability exists in which input supplied to the holiday_name and memo POST parameters is not properly sanitized, allowing an attacker to inject HTML/script that can be executed in a u...

CVE-2016-20032 ZKTeco ZKAccess Security System 5.3.1 Stored XSS

ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads through the 'holidayname' and 'memo' POST parameters. Attackers can submit crafted requests with script code i...

CVE-2016-20032

ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads through the 'holidayname' and 'memo' POST parameters. Attackers can submit crafted requests with script code i...

PT-2026-25730

ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads through the 'holiday name' and 'memo' POST parameters. Attackers can submit crafted requests with script code ...

EUVD-2022-31672

Malicious code in bioql PyPI...

CVE-2022-27134

EOSIO batdappboomx v327c04cf has an Access-control vulnerability in the transfer function of the smart contract which allows remote attackers to win the cryptocurrency without paying ticket fee via the std::string memo parameter...

CVE-2022-27134

EOSIO batdappboomx v327c04cf has an Access-control vulnerability in the transfer function of the smart contract which allows remote attackers to win the cryptocurrency without paying ticket fee via the std::string memo parameter...

Improper access control

EOSIO batdappboomx v327c04cf has an Access-control vulnerability in the transfer function of the smart contract which allows remote attackers to win the cryptocurrency without paying ticket fee via the std::string memo parameter...

batdappboomx 安全漏洞

batdappboomx is a public smart contract. A security vulnerability exists in batdappboomx version v327c04cf, which stems from an access control issue in the transfer function of the smart contract. A remote attacker can exploit this vulnerability to win cryptocurrency without paying a ticket fee v...

ZKTeco ZKAccess Security System 5.3.1 Persistent Cross-Site Scripting Vulnerability

ZKBioSecurity is a comprehensive management platform for biometric security. ZKTeco ZKAccess Security System 5.3.1 persistent cross-site scripting vulnerability, which occurs due to failure to properly validate the "HOLIDAYNAME" and POST submit "memo" parameters when passing them to the user. The...