4 matches found
CVE-2021-38157
LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2022-41762
An issue was discovered in NOKIA NFM-T R19.9. Multiple Reflected XSS vulnerabilities exist in the Network Element Manager via any parameter to log.pl, the bench or pid parameter to top.pl, or the id parameter to easy1350.pl...
CVE-2017-20132
A vulnerability was found in Itech Multi Vendor Script 6.49 and classified as critical. This issue affects some unknown processing of the file /multi-vendor-shopping-script/product-list.php. The manipulation of the argument pl leads to sql injection. The attack may be initiated remotely. The...
ZoneMinder cross-site scripting vulnerability (CNVD-2019-04696)
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras and more. A cross-site scripting vulnerability exists in the web/skins/classic/views/plugin.php file in ZoneMinder version 1.32.3, which can be exploited by a remote attacker with the...