11 matches found
EUVD-2021-21468
Malware in sbrugna...
CVE-2021-34821
Cross Site Scripting XSS vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able to exploit the issue by sending malicious HTTP requests to non-existing URIs. The value of the URL...
Novus Management System Cross-Site Scripting Vulnerability
NOVUS Novus Management System NMS is a management system from NOVUS. Its user interface consists of modular panels that users can adapt to specific systems and operator needs.A cross-site scripting vulnerability exists in Novus Management System version 1.51.2 and earlier. A remote, unauthenticat...
CVE-2021-34821
Cross Site Scripting XSS vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able to exploit the issue by sending malicious HTTP requests to non-existing URIs. The value of the URL...
CVE-2021-34821
Cross Site Scripting XSS vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able to exploit the issue by sending malicious HTTP requests to non-existing URIs. The value of the URL...
CVE-2021-34820
Web Path Directory Traversal in the Novus HTTP Server. The Novus HTTP Server is affected by the Directory Traversal for Arbitrary File Access vulnerability. A remote, unauthenticated attacker using an HTTP GET request may be able to exploit this issue to access sensitive data. The issue was...
Directory traversal
Web Path Directory Traversal in the Novus HTTP Server. The Novus HTTP Server is affected by the Directory Traversal for Arbitrary File Access vulnerability. A remote, unauthenticated attacker using an HTTP GET request may be able to exploit this issue to access sensitive data. The issue was...
Cross site scripting
Cross Site Scripting XSS vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able to exploit the issue by sending malicious HTTP requests to non-existing URIs. The value of the URL...
CVE-2021-34821
CVE-2021-34821 affects AAT Novus Management System (NMS) up to version 1.51.2. The WebUI improperly handles 404s, allowing a remote, unauthenticated attacker to issue requests to non-existent URIs. The vulnerability stems from the URL path filename being copied into the HTML document as plain tex...
CVE-2021-34821
Cross Site Scripting XSS vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able to exploit the issue by sending malicious HTTP requests to non-existing URIs. The value of the URL...
NOVUS Novus Management System 路径遍历漏洞
The NOVUS Novus Management System NMS is a management system from NOVUS. Its user interface consists of modular panels that can be adapted by the user to the needs of a particular system and operator. A path traversal vulnerability exists in Novus Management System that stems from the product's...