pc3.tuodominio.it Cross Site Scripting vulnerability OBB-1432239

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Xovis PC2, PC2R and PC3 Sensor Cross-Site Request Forgery Vulnerability

The Xovis PC2, PC2R and PC3 are all sensor devices from Xovis USA. A cross-site request forgery vulnerability exists in the Xovis PC2, PC2R, and PC3 sensors using firmware version 3.6.0 and earlier, which can be exploited by remote attackers to perform unauthorized operations...

CVE-2018-11719

Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow XXE...

Directory traversal

Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow Directory Traversal...

CVE-2018-11720

Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow Directory Traversal...

CVE-2018-11719

Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow XXE...

CVE-2018-11718

Xovis PC2, PC2R and PC3 devices (firmware up to 3.6.0) are affected by a CSRF vulnerability. The connected CNVD entry explicitly describes a cross-site request forgery path impacting these sensors; no exploitation details, impact quantification, or official remediation/version fixes are provided ...

CVE-2018-11719

Xovis PC2, PC2R, and PC3 sensors are affected by an XML External Entity (XXE) vulnerability in firmware 3.6.0 and earlier, enabling information disclosure through XML processing. The issue is documented as CVE-2018-11719 with linked CNVD-2019-02471 details. Affected products are Xovis PC2/PC2R/PC...

CVE-2018-11720

The CVE affects Xovis PC2, PC2R, and PC3 sensor devices with firmware versions 3.6.0 and earlier, via a directory traversal vulnerability that can disclose information. This is documented in CNVD-2019-02470 and corroborated by other CVE records; no exploitation details or remediation are provided...