Cross site scripting
Avery Dennison Monarch Printer M9855 is vulnerable to Cross Site Scripting (XSS)...
CVE-2022-44261
CVE-2022-44261 affects the Avery Dennison Monarch Printer M9855 with a Cross-Site Scripting (XSS) flaw. The CVSS 3.1 metrics indicate a Network attack vector, Low attack complexity, no privileges required, user interaction required, and a Confidentiality/Integrity impact of Low, with no Availabil...
Avery Dennison Monarch Printer Cross-Site Scripting Vulnerability
Avery Dennison Monarch Printer is a printer from Avery Dennison. A security vulnerability exists in Avery Dennison Monarch Printer M9855. An attacker could exploit this vulnerability to perform cross-site scripting attacks...
A vulnerability in the firmware of the Huawei BiSheng-WNM printer, related to insufficient input data verification, allows attackers to trigger service failures.
The vulnerability in the firmware of the Huawei BiSheng-WNM printer is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures using specially crafted data...
CVE-2022-48311
UNSUPPORTED WHEN ASSIGNED: Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows an authenticated attacker to inject their own script into the page via the HTTP configuration page. NOTE: This vulnerability only affects products tha...
HP Deskjet 2540 Cross-Site Scripting Vulnerability
The HP Deskjet 2540 is a printer from Hewlett-Packard (HP) in the United States. A cross-site scripting (XSS) vulnerability exists in the HP Deskjet 2540 Printer series version CEP1FN1418BR that allows authenticated attackers to inject their own...
CVE-2022-48311
The CVE-2022-48311 entry concerns the HP Deskjet 2540 series printer, specifically firmware CEP1FN1418BR (model A9U23B). It states a Cross Site Scripting (XSS) vulnerability in the HTTP configuration page that can be exploited by an authenticated attacker to inject their own script. The issue is ...
PT-2023-36382 · Xerox · Workcentre 3025
A vulnerability in the web interface of the firmware of Xerox WorkCentre 3025 printers is related to improper handling of special characters in input data. Exploiting the vulnerability may allow a remote attacker to gain unauthorized access to credentials by...
A vulnerability in the Common Desktop Environment component of the Oracle Solaris operating system allows an attacker to elevate their privileges to the root level.
The vulnerability in the Common Desktop Environment component of the Oracle Solaris operating system is caused by a stack-based buffer overflow. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level by using a malicious printer...
Lexmark Printer SSRF Vulnerability (Jan 2023)
Multiple Lexmark printer devices are prone to a server-side request forgery (SSRF) vulnerability. Copyright (C) 2023 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...
Lexmark Printer Brute-Force Protection Bypass Vulnerability (Jan 2023)
Multiple Lexmark printer devices are prone to a brute-force protection bypass vulnerability. Copyright (C) 2023 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later...
Exploit for Improper Access Control in Lexmark B2236_Firmware
PoC for CVE-2023-22960...
Solaris 10 dtprintinfo / libXm / libXpm Security Issues Vulnerability
Multiple vulnerabilities have been discovered across Common Desktop Environment version 1.6, Motif version 2.1, and X.Org libXpm versions prior to 3.5.15 on Oracle Solaris 10 that can be chained together to achieve root. Title: Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm...
CVE-2023-24040
dtprintinfo in Common Desktop Environment 1.6 has a bug in the parser of lpstat (an invoked external command) during listing of the names of available printers. This allows low-privileged local users to inject arbitrary printer names via the $HOME/.printers file. This injection allows those users t...
Design/Logic Flaw
UNSUPPORTED WHEN ASSIGNED: dtprintinfo in Common Desktop Environment 1.6 has a bug in the parser of lpstat (an invoked external command) during listing of the names of available printers. This allows low-privileged local users to inject arbitrary printer names via the $HOME/.printers file. This...
PT-2023-19374 · Oracle · Solaris 10
Name of the Vulnerable Software and Affected Versions: Common Desktop Environment version 1.6 Description: The issue is related to a bug in the parser of lpstat, an external command invoked by dtprintinfo, which occurs during the listing of available printer names. This bug allows low-privileged...