4 matches found
CVE-2018-18880
In firmware version MS2.6.9900 of Columbia Weather MicroServer, a networkdiags.php reflected Cross-site scripting XSS vulnerability allows remote authenticated users to inject arbitrary web script...
Columbia Weather Systems Weather MicroServer Cross-Site Scripting Vulnerability (CNVD-2019-07785)
Columbia Weather Systems Weather MicroServer is a weather monitoring device from Columbia Weather Systems, USA. A cross-site scripting vulnerability exists in Columbia Weather Systems Weather MicroServer MS2.6.9900 and prior versions, which stems from the program failing to properly validate inpu...
Columbia Weather Systems Weather MicroServer Path Traversal Vulnerability
Columbia Weather Systems Weather MicroServer is a weather monitoring device from Columbia Weather Systems, USA. A path traversal vulnerability exists in Columbia Weather Systems Weather MicroServer MS2.6.9900 and earlier versions. An attacker can use this vulnerability to read files in the...
Columbia Weather Systems Weather MicroServer Code Injection Vulnerability
Columbia Weather Systems Weather MicroServer is a weather monitoring device from Columbia Weather Systems, USA. A code injection vulnerability exists in Columbia Weather Systems Weather MicroServer MS2.6.9900 and prior versions. A remote attacker can exploit this vulnerability to execute code...