68 matches found
CVE-2024-43687
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimeProvider 4100 banner config modules allows Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...
CVE-2024-43687
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimeProvider 4100 banner config modules allows Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...
CVE-2024-7801
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Microchip TimeProvider 4100 Data plot modules allows SQL Injection.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...
CVE-2024-9054
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection', Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Microchip TimeProvider 4100 Configuration modules allows Command Injection.This issue affects TimeProvider 4100: from 1.0 before...
CVE-2024-43683
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0...
CVE-2024-43686
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimeProvider 4100 data plot modules allows Reflected XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...
CVE-2024-43684
Cross-Site Request Forgery CSRF vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0...
CVE-2024-43684
Cross-Site Request Forgery CSRF vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0...
CVE-2024-43685
Improper Authentication vulnerability in Microchip TimeProvider 4100 login modules allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...
CVE-2024-43686
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Microchip TimeProvider 4100 data plot modules allows Reflected XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...
CVE-2024-43685
Improper Authentication vulnerability in Microchip TimeProvider 4100 login modules allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...
CVE-2024-43683
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0...
CVE-2024-43683 Improper verification of the Host header in TimeProvider 4100
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0...
CVE-2024-43683 Improper verification of the Host header in TimeProvider 4100
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0...
CVE-2024-43683
CVE-2024-43683 affects Microchip TimeProvider 4100 (from v1.0). The issue is an improper verification of the Host header leading to a URL Redirection to an untrusted site, enabling cross-site scripting via HTTP headers (open redirect). Public documents indicate affected versions start at 1.0, but...
CVE-2024-43684 Cross-Site Request Forgery vulnerability in TimeProvider 4100
Cross-Site Request Forgery CSRF vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0...
CVE-2024-43684
Microchip TimeProvider 4100 is affected by a CSRF vulnerability (also enabling XSS). Affected: TimeProvider 4100, versions 1.0 and later. Root cause: CSRF/XSS issues on the device allow unauthorized actions. Impact: high in both confidentiality and integrity; availability also at risk per CVSS da...
CVE-2024-43684 Cross-Site Request Forgery vulnerability in TimeProvider 4100
Cross-Site Request Forgery CSRF vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects TimeProvider 4100: from 1.0...
CVE-2024-43685 Session token fixation in TimeProvider 4100
Improper Authentication vulnerability in Microchip TimeProvider 4100 login modules allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...
CVE-2024-43685 Session token fixation in TimeProvider 4100
Improper Authentication vulnerability in Microchip TimeProvider 4100 login modules allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7...