106 matches found
JEESNS Reflective Cross-Site Scripting Vulnerability (CNVD-2021-74052)
JEESNS is a social management system developed on the JAVA enterprise platform. The vulnerability can be exploited to execute arbitrary Web scripts or HTML via the system error message text field...
CVE-2020-19282
A reflected cross-site scripting XSS vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field...
CVE-2020-19282
Jeesns 1.4.2 is affected by a reflected cross-site scripting (XSS) vulnerability in the system error message text field. The issue allows an attacker to inject and execute arbitrary web scripts or HTML in a victim’s browser, potentially enabling session hijacking or data exposure. Root cause is a...
JEESNS 跨站脚本漏洞
JEESNS is a social management system developed on the JAVA enterprise platform. The vulnerability can be exploited to execute arbitrary Web scripts or HTML via the system error message text field...
PT-2021-10322
Name of the Vulnerable Software and Affected Versions: Jeesns version 1.4.2 Description: A reflected cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field. This enables attackers to potentially steal...
CVE-2021-27477
When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame,...
CVE-2021-27477
When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame,...
Code injection
When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame,...
CVE-2021-27477
CVE-2021-27477 affects JTEKT TOYOPUC PLC family (PC10G-CPU, 2PORT-EFR, Plus CPU/EX/EX2, EFR/EFR2, 2P-EFR, PC10P-DP/DP-IO, Nano series, PC10PE/16/16P, PC10E, FL/ET-T-V2H, PC10B/PC10B-P, Nano CPU, PC10P, PC10GE and Plus variants). Root cause: improper restriction of operations within the bounds of ...
CVE-2021-27477
When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame,...
PT-2021-17465 · Jtekt · Toyopuc Plc
Name of the Vulnerable Software and Affected Versions: JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET, PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B, PC10B-P, Na...
Grid Solutions GE MU320E 安全漏洞
The MU320E is a process interface unit from GE with integrated analog and digital merge interfaces. An elevation of privilege vulnerability exists in GE MU320E firmware prior to version 04A00.1. The vulnerability stems from a communication error in the file system. An attacker could exploit the...
Home Depot Confirms Data Breach in Order Confirmation SNAFU
Home Depot has exposed the private order confirmations of hundreds of Canadian consumers, containing names, physical addresses, email addresses, order details and partial credit-card information. After customers began reporting that they had received hundreds of emails from the home-improvement...
U.S. Dept Of Defense: System Error Reveals Sensitive SQL Call Data
Summary: If you attempt to login at https://███.mil/sso/LoginRequest.do using a very long username, the application will respond showing a stack trace information with sensitive SQL data call information. This reveals too much information about SQL calls to the database. Please see the attached P...
GHSA-23VW-MHV5-GRV5 Denial of Service in @hapi/hapi
Versions of @hapi/hapi prior to 18.4.1 or 19.1.1 are vulnerable to Denial of Service. The CORS request handler has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. If no unhandled exception handler is available, the application will...
Denial of Service in @hapi/accept
Versions of @hapi/accept prior to 3.2.4 or 5.0.1 are vulnerable to Denial of Service. The Accept-Encoding HTTP header parser has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. Because hapi rethrows system errors as opposed to...
GHSA-9VRW-M88G-W75Q Denial of Service in @hapi/accept
Versions of @hapi/accept prior to 3.2.4 or 5.0.1 are vulnerable to Denial of Service. The Accept-Encoding HTTP header parser has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. Because hapi rethrows system errors as opposed to...
Denial Of Service (DoS)
@hapi/ammo is vulnerable to denial of service DoS. The Range HTTP header parser causes the function to throw a system error when the header value is invalid, allowing an attacker to crash the application using a malicious header value...
Denial of Service
Overview Affected versions of @commercial/hapi are vulnerable to Denial of Service. The CORS request handler has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. If no unhandled exception handler is available, the application will...
Denial of Service
Overview Versions of @hapi/hapi prior to 18.4.1 or 19.1.1 are vulnerable to Denial of Service. The CORS request handler has a vulnerability which will cause the function to throw a system error if the header contains some invalid values. If no unhandled exception handler is available, the...