4 matches found
CVE-2016-4058
Cross-site scripting XSS vulnerability in Huawei Policy Center before V100R003C10SPC020 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to "special characters on pages."...
CVE-2016-4058
Huawei Policy Center contains a Cross-site scripting (XSS) vulnerability (CVE-2016-4058) in versions prior to V100R003C10SPC020. The root cause is incomplete input validation allowing remote authenticated users to inject arbitrary script/HTML via vectors related to special characters on pages. Af...
CVE-2016-2405
Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to gain privileges and cause a denial of service system crash via a crafted URL...
CVE-2016-3675
SQL injection vulnerability in Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to system databases...