CVE-2023-22913

A post-authentication command injection vulnerability in the “accountoperator.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote authenticated attacker to modify device configuration data,...

Mail.ru: [https://fleet.city-mobil.ru] Stored XSS into driver mailing

Stored XSS via content of the message to driver in operator's interface...

Mail.ru: Blind XSS in operator's interface for 33slona.ru

Blind stored XSS in operator's interface of 33slona.ru via call back request...

Toshiba OIS120A Operator Interface Station Detection

Binary data 757851.prm...

Toshiba OIS42U PLUS Operator Interface Station Detection

Binary data 757848.prm...

Rockwell Automation PanelView 2711-*15 Operator Interface

Binary data 753302.prm...

Toshiba OIS45E PLUS Operator Interface Station Detection

Binary data 757849.prm...

Rockwell Automation DTAM Plus - Operator Interface Module 2707-xxxPxxD Generic

Binary data 752219.prm...

Toshiba OIS70E PLUS Operator Interface Station Detection

Binary data 757850.prm...

Rockwell Automation PanelView 2711-*20 Operator Interface

Binary data 753307.prm...

Toshiba OIS24 Operator Interface Station Detection

Binary data 757847.prm...

Rockwell Automation DTAM Micro - Operator Interface Module 2707-M232P3D Generic

Binary data 752220.prm...