6 matches found
EUVD-2026-13113
Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...
CVE-2026-32843
Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...
CVE-2026-32843
A reflected cross-site scripting (XSS) vulnerability affects Location Aware Sensor System by LinkIt ONE up to commit f06bd20 (2023-04-26) in PM25.php. The issue arises from allowing unencoded payloads via GET parameters (site, city, district, channel, or apikey), enabling remote attackers to exec...
CVE-2026-32843
Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...
CVE-2026-32843 Linkit ONE Location Aware Sensor System (LASS) Reflected XSS via PM25.php
Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...
PT-2026-26296
Location Aware Sensor System by Linkit ONE, up to commit f06bd20 2023-04-26, contains a reflected cross-site scripting vulnerability in the PM25.php file that allows remote attackers to execute arbitrary JavaScript by injecting malicious code into GET parameters. Attackers can craft a malicious U...