CVE-2026-22208

OpenS100 the reference implementation S-100 viewer prior to commit 753cf29 contain a remote code execution vulnerability via an unrestricted Lua interpreter. The Portrayal Engine initializes Lua using luaLopenlibs without sandboxing or capability restrictions, exposing standard libraries such as...

Multiple Microsemi Product Path Traversal Vulnerabilities (CNVD-2020-29591)

Microsemi Symmetricom SyncServer S100 and others are a network time server from Microsemi, USA. A path traversal vulnerability exists in multiple Microsemi products. The vulnerability stems from a failure of a networked system or product to properly filter special elements in a resource or file...

Multiple Microsemi Product Path Traversal Vulnerabilities (CNVD-2020-29569)

Microsemi Symmetricom SyncServer S100 and others are a network time server from Microsemi, USA. A path traversal vulnerability exists in multiple Symmetricom products. The vulnerability stems from a failure of a networked system or product to properly filter special elements in a resource or file...

Cross-Site Scripting Vulnerability in Multiple Microsemi Products

Microsemi Symmetricom SyncServer S100 and others are a network time server from Microsemi, USA. A cross-site scripting vulnerability exists in several Microsemi products. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit...

Multiple Microsemi Products Input Validation Error Vulnerability

Microsemi Symmetricom SyncServer S100 and others are a network time server from Microsemi, USA. A security vulnerability exists in several Symmetricom products that stems from the program's failure to properly handle authentication of callbacks. An attacker could exploit the vulnerability to...

Multiple Microsemi Product Path Traversal Vulnerabilities (CNVD-2020-29592)

Microsemi Symmetricom SyncServer S100 and others are a network time server from Microsemi, USA. A path traversal vulnerability exists in multiple Microsemi products. The vulnerability stems from a failure of a networked system or product to properly filter special elements in a resource or file...

Multiple Microsemi Product Path Traversal Vulnerabilities

Microsemi Symmetricom SyncServer S100 and others are a network time server from Microsemi, USA. A path traversal vulnerability exists in multiple Microsemi products. The vulnerability stems from a failure of a networked system or product to properly filter special elements in a resource or file...

CVE-2020-9028

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow stored XSS via the newUserName parameter on the "User Creation, Deletion and Password Maintenance" screen when creating a new user...

CVE-2020-9031

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to daemonlog.php...

CVE-2020-9031

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to daemonlog.php...

CVE-2020-9033

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to authlog.php...

CVE-2020-9030

Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to the syslog.php...

CVE-2020-9028

The CVE-2020-9028 entry concerns Symmetricom SyncServer devices (S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, S350 2.80.1) that allow stored XSS via the newUserName parameter on the User Creation, Deletion and Password Maintenance screen when creating a new user. The connected documents con...

s100.copyright.com XSS vulnerability

Open Bug Bounty ID: OBB-453731 Description| Value ---|--- Affected Website:| s100.copyright.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...