680 matches found
CVE-2018-17311
On the RICOH MP C6503 Plus printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi...
CVE-2018-17312
On the RICOH Aficio MP 301 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi...
CVE-2018-17315
On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi...
CVE-2018-17316
On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi...
CVE-2018-17314
On the RICOH Aficio MP 305+ printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi...
CVE-2018-17314
Affected product : RICOH Aficio MP 305+ printer. Vulnerability : HTML Injection and Stored XSS in the address-adding flow. Triggered by the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. Root cause / detail : Cross-site scripting vulnerability reported across multiple sourc...
CVE-2018-17315
The CVE-2018-17315 entry concerns the Ricoh MP C2003 printer with HTML Injection and Stored XSS vulnerabilities in the address-adding flow. The issue is triggered by the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi, allowing arbitrary script/HTML injection into the web UI....
CVE-2018-17312
CVE-2018-17312 affects the Ricoh Aficio MP 301 printer. The vulnerability is HTML Injection and Stored XSS in the address-adding function, triggered via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. Public references corroborate Cross-Site Scripting in that area, with ...
CVE-2018-17310
The CVE-2018-17310 vulnerability affects Ricoh MP C1803 JPN printers, where HTML Injection and Stored XSS can be triggered via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. The issue concerns the add-address workflow in the web UI, with the attack surface exposed over ...
CVE-2018-17316
CVE-2018-17316 affects the Ricoh MP C6003 printer. The vulnerability is in the address-adding functionality: HTML Injection and Stored XSS triggered via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. Affected component/file path is the web UI endpoint for address manage...
CVE-2018-17311
CVE-2018-17311 affects the Ricoh MP C6503 Plus web interface, specifically the /web/entry/en/address/adrsSetUserWizard.cgi endpoint. The vulnerability is HTML Injection and Stored XSS via the entryNameIn parameter when adding addresses, enabling arbitrary script/HTML execution in the affected UI....
CVE-2018-17313
RICOH MP C307 is affected by CVE-2018-17313: HTML Injection and Stored XSS in the address-adding flow via /web/entry/en/address/adrsSetUserWizard.cgi, triggered by the entryNameIn parameter. Impact is stored XSS in the web context; CVSS2 base 4.3 (NETWORK, MEDIUM) and CVSS3 base 6.1 (NETWORK, LOW...
CVE-2018-17309
The CVE-2018-17309 entry concerns the Ricoh MP C406Z multifunction printer. Affected component: the address management web interface, specifically the /web/entry/en/address/adrsSetUserWizard.cgi endpoint. Vulnerability type: HTML Injection and Stored XSS in the area where addresses are added via ...
CVE-2018-17313
On the RICOH MP C307 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi...
CVE-2018-17309
On the RICOH MP C406Z printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi...
RICOH MP C6503 Plus Printer Cross Site Scripting
Exploit Title: RICOH MP C6503 Plus Printer - HTML Injection and Stored XSS Date: 2018-09-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...
RICOH MP C307 Printer Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH MP C307 Printer - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...
RICOH MP 305+ Printer Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH MP 305+ Printer - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...
RICOH MP C2003 Printer - Cross-Site Scripting
RICOH MP C2003 Printer - Cross-Site Scripting Exploit Title: RICOH MP C2003 Printer - Cross-Site Scripting Date: 2018-09-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...
RICOH MP C307 Printer Cross Site Scripting
Exploit Title: RICOH MP C307 Printer - HTML Injection and Stored XSS Date: 2018-09-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...