8 matches found
CVE-2024-13597
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS Cross-site Scripting attacks. An attacker might trick a user into filling a form sent to login panel at /softcom/ with a malicious script, what causes the script to run in user's context. This vulnerability ha...
CVE-2024-49705
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to client-side Denial of Servise DoS attacks. An attacker might trick a user into using an URL with a d parameter set to an unhandled value. All the subsequent requests will not be accepted as the server returns an error...
CVE-2024-49707
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS Cross-site Scripting attacks. An attacker might trick a user into filling a form designed for resetting user's password with a malicious script, what causes the script to run in user's context. This...
CVE-2024-49706 XSS in iKSORIS
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0...
CVE-2024-49706 XSS in iKSORIS
Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Open Redirect attacks by including base64 encoded URLs in the target parameter sent in a POST request to one of the endpoints. This vulnerability has been patched in version 79.0...
CVE-2024-10089
Technical details about CVE-2024-10089 are not publicly available in the provided documents. No specifics on affected components, root cause, exploit info, or fixes beyond the brief description are provided.
CVE-2024-10088
CVE-2024-10088 affects the Internet Starter module of SoftCOM iKSORIS. It is vulnerable to a Reflected XSS attack where a user is tricked into submitting a login form containing a malicious script, causing the script to run in the user’s browser context. The vulnerability is patched in version 79...
International Color Consortium DemoIccMAX Buffer Error Vulnerability
DemoIccMAX is International Color Consortium open source a iccMAX color profile demo implementation. A security vulnerability exists in International Color Consortium DemoIccMAX version 79ecb74, which stems from an out-of-bounds read vulnerability in function CIccPRMG::GetChroma...