2 matches found
CVE-2026-49203 Unauthenticated eSIM Configuration Manipulation
Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted...
CVE-2013-1466
Multiple cross-site scripting XSS vulnerabilities in glFusion before 1.2.2.pl4 allow remote attackers to inject arbitrary web script or HTML via the 1 subject parameter to profiles.php; 2 address1, 3 address2, 4 calendartype, 5 city, 6 state, 7 title, 8 url, or 9 zipcode parameter to...