Lucene search
K

62 matches found

Cvelist
Cvelist
added 2019/07/29 5:30 p.m.12 views

CVE-2018-17211

An issue was discovered in PrinterOn Central Print Services CPS through 4.1.4. An unauthenticated attacker can view details about the printers associated with CPS via a crafted HTTP GET request...

5.3AI score0.01729EPSS
Exploits1References1
CVE
CVE
added 2019/07/29 5:30 p.m.42 views

CVE-2018-17211

The CVE-2018-17211 entry describes a vulnerability in PrinterOn Central Print Services (CPS) up to version 4.1.4. An unauthenticated attacker can disclose sensitive printer-related details by sending a crafted HTTP GET request, enabling information disclosure (confidentiality impact). The issue i...

5.3CVSS5.3AI score0.01729EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/07/20 12:15 a.m.4 views

CVE-2018-17210

An issue was discovered in PrinterOn Central Print Services CPS through 4.1.4. The core components that create and launch a print job do not perform complete verification of the session cookie that is supplied to them. As a result, an attacker with guest/pseudo-guest level permissions can bypass...

8.8CVSS5.8AI score0.01658EPSS
Exploits1References1
NVD
NVD
added 2019/07/20 12:15 a.m.16 views

CVE-2018-17210

An issue was discovered in PrinterOn Central Print Services CPS through 4.1.4. The core components that create and launch a print job do not perform complete verification of the session cookie that is supplied to them. As a result, an attacker with guest/pseudo-guest level permissions can bypass...

8.8CVSS8.6AI score0.01658EPSS
Exploits1References1
Prion
Prion
added 2019/07/20 12:15 a.m.16 views

Session fixation

An issue was discovered in PrinterOn Central Print Services CPS through 4.1.4. The core components that create and launch a print job do not perform complete verification of the session cookie that is supplied to them. As a result, an attacker with guest/pseudo-guest level permissions can bypass...

6.5CVSS8.5AI score0.01658EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/07/19 11:19 p.m.18 views

CVE-2018-17210

An issue was discovered in PrinterOn Central Print Services CPS through 4.1.4. The core components that create and launch a print job do not perform complete verification of the session cookie that is supplied to them. As a result, an attacker with guest/pseudo-guest level permissions can bypass...

8.7AI score0.01658EPSS
Exploits1References1
CVE
CVE
added 2019/07/19 11:19 p.m.200 views

CVE-2018-17210

CVE-2018-17210 affects PrinterOn Central Print Services (CPS) up to version 4.1.4. The core components that create and launch print jobs do not perform complete verification of the session cookie, enabling an attacker with guest/pseudo-guest permissions to bypass session checks by calling the cor...

8.8CVSS8.5AI score0.01658EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2019/04/23 2:29 p.m.13 views

CVE-2018-17169

An XML external entity XXE vulnerability in PrinterOn version 4.1.4 and lower allows remote authenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request...

7.7CVSS7.2AI score0.01543EPSS
Exploits1References1
Prion
Prion
added 2019/04/23 2:29 p.m.12 views

Server side request forgery (ssrf)

An XML external entity XXE vulnerability in PrinterOn version 4.1.4 and lower allows remote authenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request...

4CVSS7.1AI score0.01543EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/04/23 2:29 p.m.3 views

CVE-2018-17169

An XML external entity XXE vulnerability in PrinterOn version 4.1.4 and lower allows remote authenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request...

7.7CVSS5.9AI score0.01543EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/04/23 1:34 p.m.15 views

CVE-2018-17169

An XML external entity XXE vulnerability in PrinterOn version 4.1.4 and lower allows remote authenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request...

7.2AI score0.01543EPSS
Exploits1References1
CVE
CVE
added 2019/04/23 1:34 p.m.52 views

CVE-2018-17169

PrinterOn products suffer an XXE vulnerability (CVE-2018-17169) in versions 4.1.4 and earlier. A crafted XML DTD can be processed by the service, allowing remote authenticated users to read arbitrary files or perform server-side request forgery (SSRF). The publicly available sources confirm the f...

7.7CVSS7.1AI score0.01543EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/04/18 5:29 p.m.11 views

Cross site request forgery (csrf)

PrinterOn Enterprise 4.1.4 contains multiple Cross Site Request Forgery CSRF vulnerabilities in the Administration page. For example, an administrator, by following a link, can be tricked into making unwanted changes to a printer Disable, Approve, etc...

4.3CVSS6.7AI score0.00525EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2019/04/18 5:29 p.m.18 views

CVE-2018-17168

PrinterOn Enterprise 4.1.4 contains multiple Cross Site Request Forgery CSRF vulnerabilities in the Administration page. For example, an administrator, by following a link, can be tricked into making unwanted changes to a printer Disable, Approve, etc...

6.5CVSS6.7AI score0.00525EPSS
Exploits1References1
OSV
OSV
added 2019/04/18 5:29 p.m.5 views

CVE-2018-17168

PrinterOn Enterprise 4.1.4 contains multiple Cross Site Request Forgery CSRF vulnerabilities in the Administration page. For example, an administrator, by following a link, can be tricked into making unwanted changes to a printer Disable, Approve, etc...

6.5CVSS5.8AI score0.00525EPSS
Exploits1References1
CVE
CVE
added 2019/04/18 4:36 p.m.39 views

CVE-2018-17168

PrinterOn Enterprise 4.1.4 is affected by multiple cross-site request forgery (CSRF) vulnerabilities in the Administration page. An attacker could lure an administrator to a link that triggers unauthorized admin actions, such as Disable or Approve printer settings. The root cause is CSRF in the a...

6.5CVSS6.7AI score0.00525EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/04/18 4:36 p.m.17 views

CVE-2018-17168

PrinterOn Enterprise 4.1.4 contains multiple Cross Site Request Forgery CSRF vulnerabilities in the Administration page. For example, an administrator, by following a link, can be tricked into making unwanted changes to a printer Disable, Approve, etc...

6.8AI score0.00525EPSS
Exploits1References1
NVD
NVD
added 2019/03/21 4:0 p.m.18 views

CVE-2018-17167

PrinterOn Enterprise 4.1.4 suffers from multiple authenticated stored XSS vulnerabilities via the 1 "Machine Host Name" or "Server Serial Number" field in the clustering configuration, 2 "name" field in the Edit Group configuration, 3 "Rule Name" field in the Access Control configuration, 4...

5.4CVSS5.4AI score0.00644EPSS
Exploits1References1
Prion
Prion
added 2019/03/21 4:0 p.m.13 views

Cross site scripting

PrinterOn Enterprise 4.1.4 suffers from multiple authenticated stored XSS vulnerabilities via the 1 "Machine Host Name" or "Server Serial Number" field in the clustering configuration, 2 "name" field in the Edit Group configuration, 3 "Rule Name" field in the Access Control configuration, 4...

3.5CVSS5.3AI score0.00644EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2019/03/21 12:0 a.m.2 views

PrinterOn Enterprise Cross-Site Scripting Vulnerability

PrinterOn Enterprise is a secure cloud printing solution from PrinterOn Canada. The solution supports printing from laptops, desktops and mobile devices connected to printers. A cross-site scripting vulnerability exists in PrinterOn Enterprise version 4.1.4, which stems from a lack of proper...

5.4CVSS6.4AI score0.00644EPSS
Exploits1References1
Rows per page
Query Builder