EUVD-2023-54519

Malicious code in bioql PyPI...

Input validation

The web interface of the PAC Device allows the device administrator user profile to store malicious scripts in some fields. The stored malicious script is then executed when the GUI is opened by any users of the webserver administration interface. The root cause of the vulnerability is inadequate...

CVE-2023-4667

CVE-2023-4667 affects the PAC Device web interface, where the device administrator can store malicious scripts in form fields. The stored scripts are executed when the GUI is opened by users of the webserver administration interface. Root cause: inadequate input validation and output encoding in ...

CVE-2023-4667 Stored Cross Site Scripting in webserver administration

The web interface of the PAC Device allows the device administrator user profile to store malicious scripts in some fields. The stored malicious script is then executed when the GUI is opened by any users of the webserver administration interface. The root cause of the vulnerability is inadequate...

PT-2023-30152 · Unknown · Pac Device

Name of the Vulnerable Software and Affected Versions: PAC Device affected versions not specified Description: The web interface of the PAC Device allows the device administrator user profile to store malicious scripts in some fields. The stored malicious script is then executed when the GUI is...