5 matches found
CVE-2023-33732
Cross Site Scripting XSS in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval...
CVE-2023-33732
Cross Site Scripting XSS in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval...
Cross site scripting
Cross Site Scripting XSS in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval...
CVE-2023-33732
CVE-2023-33733 concerns the Python ReportLab library. A sandbox bypass in ReportLab could allow arbitrary code execution when processing crafted PDFs. Public advisories (e.g., Debian DSA-5791/DLA-3917) state that vulnerable versions up to 3.6.12-1+deb12u1 (and earlier 3.5.59-2+deb11u1 in Debian 1...
PT-2023-24461 · Microworld Technologies · Escan
Name of the Vulnerable Software and Affected Versions: Microworld Technologies eScan management console version 14.0.1400.2281 Description: The issue allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval in the New Policy form. This...