4 matches found
CVE-2022-50787
SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x contains an unauthenticated stored cross-site scripting vulnerability in the username parameter that allows attackers to inject malicious scripts. Attackers can exploit the unvalidated username input to execute arbitrary HTML and JavaScript code in victi...
CVE-2022-50694
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains an SQL injection vulnerability in the 'username' POST parameter of index.php that allows attackers to manipulate database queries. Attackers can inject arbitrary SQL code through the username parameter to bypass authentication and potentially access...
CVE-2022-50790
CVE-2022-50790 affects SOUND4 IMPACT/FIRST/PULSE/Eco 2.x and earlier. The root cause is an unauthenticated web script exposure (via webplay or ffmpeg scripts) that allows remote attackers to disclose live radio stream information. Impact is information disclosure of radio stream details; no integ...
PT-2023-2564 · Illumina · Illumina Universal Copy Service
Name of the Vulnerable Software and Affected Versions: Illumina Universal Copy Service versions 2.x Description: The issue is related to the binding of Illumina Universal Copy Service to an unrestricted IP address, allowing an unauthenticated malicious actor to use the service to listen on all IP...