CVE-2025-13649

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Email’ parameters within the...

CVE-2025-13651 LEAK OF SENSITIVE INFORMATION ON MICROCOM'S ZEUSWEB

Exposure of Sensitive System Information to an Unauthorized Actor vulnerability in Microcom ZeusWeb allows Web Application Fingerprinting of sensitive data. This issue affects ZeusWeb: 6.1.31...

CVE-2025-13651 LEAK OF SENSITIVE INFORMATION ON MICROCOM'S ZEUSWEB

Exposure of Sensitive System Information to an Unauthorized Actor vulnerability in Microcom ZeusWeb allows Web Application Fingerprinting of sensitive data. This issue affects ZeusWeb: 6.1.31...

CVE-2025-13650 REFLECTED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Surname’ parameter of the ‘Creat...

CVE-2025-13650 REFLECTED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Surname’ parameter of the ‘Creat...

CVE-2025-13650

CVE-2025-13650 describes an XSS vulnerability in ZeusWeb 6.1.31 from Microcom. An attacker who can access the web application can inject arbitrary JavaScript by supplying an XSS payload in the Surname field of the Create Account operation via https://zeus.microcom.es:4040/index.html?zeus6=true. T...

CVE-2025-13650

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Surname’ parameter of the ‘Creat...

CVE-2025-13649 REFLECTED CROSS-SITE SCRIPTING (XSS) ON MICROCOM'S ZEUSWEB

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Email’ parameters within the...

CVE-2025-13649

The CVE concerns ZeusWeb (provider Microcom) version 6.1.31 where an attacker with access to the web app can inject arbitrary JavaScript via an XSS payload in the Email field of the Recover password flow at the URL https://zeus.microcom.es:4040/index.html?zeus6=true. The vulnerability allows XSS ...

CVE-2025-13648

CVE-2025-13648 describes a stored XSS in ZeusWeb 6.1.31 from Microcom. An attacker with access to the web application can inject arbitrary JavaScript by submitting an XSS payload into the Name and Surname fields in the My Account section at https://zeus.microcom.es:4040/administracion-estaciones....

Microcom ZeusWeb 安全漏洞

Microcom ZeusWeb is a remote monitoring platform developed by the Spanish company Microcom. Version 6.1.31 of Microcom ZeusWeb contains a security vulnerability. This vulnerability stems from the injection of XSS payloads into the Email parameter in the “Recover password” section, which may lead ...

PT-2026-7508

An attacker with access to the web application ZeusWeb of the provider Microcom in this case, registration is not necessary, but the action must be performed who has the vulnerable software could introduce arbitrary JavaScript by injecting an XSS payload into the ‘Email’ parameters within the...

Microcom ZeusWeb 安全漏洞

Microcom ZeusWeb is a remote monitoring platform developed by the Spanish company Microcom. Version 6.1.31 of Microcom ZeusWeb contains a security vulnerability. This vulnerability stems from the injection of XSS payloads into the Surname parameter during the Create Account operation, which may...

Microcom ZeusWeb 安全漏洞

Microcom ZeusWeb is a remote monitoring platform developed by the Spanish company Microcom. Version 6.1.31 of Microcom ZeusWeb contains a security vulnerability. This vulnerability stems from the exposure of sensitive system information to unauthorized participants, which may lead to fingerprint...

Microcom ZeusWeb 安全漏洞

Microcom ZeusWeb is a remote monitoring platform developed by the Spanish company Microcom. Version 6.1.31 of Microcom ZeusWeb contains a security vulnerability. This vulnerability stems from the injection of XSS payloads into the Name and Surname parameters within the My Account section, which m...

EUVD-1999-1132

Malware in sbrugna...

CVE-1999-1152

The CVE-1999-1152 entry concerns Compaq/Microcom 6000 Access Integrator. Affected component: the authentication handling in the 6000 Access Integrator where, after a certain number of failed login attempts, the system does not disconnect the client. This behavior enables remote attackers to perfo...

CVE-1999-1151

CVE-1999-1151 affects the Compaq/Microcom 6000 Access Integrator. The issue is that the device does not time out sessions after prompting for credentials, enabling remote parties to cause a denial of service by connecting without providing a username or password. The provided documents do not spe...

CVE-1999-1151

Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the integrator without providing a username or password...

CVE-1999-1151

Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the integrator without providing a username or password...