EUVD-2018-9070

Malware in sbrugna...

RICOH MP C2003 Cross-site Scripting (CVE-2018-17315)

On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. This plugin only works with Tenable.ot. Please visit...

Ricoh MP C2003 Cross-Site Scripting Vulnerability

The Ricoh MP C2003 is a multifunction printer device from Ricoh Japan. A cross-site scripting vulnerability exists in the address addition area of the Ricoh MP C2003. A remote attacker can exploit this vulnerability by sending the 'entryNameIn' parameter to the...

CVE-2018-17315

On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi...

CVE-2018-17315

The CVE-2018-17315 entry concerns the Ricoh MP C2003 printer with HTML Injection and Stored XSS vulnerabilities in the address-adding flow. The issue is triggered by the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi, allowing arbitrary script/HTML injection into the web UI....

CVE-2018-17315

On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi...

RICOH MP C2003 Printer - Cross-Site Scripting

RICOH MP C2003 Printer - Cross-Site Scripting Exploit Title: RICOH MP C2003 Printer - Cross-Site Scripting Date: 2018-09-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...