71 matches found
Denial of Service Vulnerability in KingView web data transfer service (CNVD-2020-31722)
KingView is an industrial automation configuration software produced by Beijing Asian Control Technology Development Co. A denial of service vulnerability exists in the KingView web data transfer service. An attacker can exploit this vulnerability to launch a remote denial of service attack...
KingView web data transfer service suffers from denial of service vulnerability (CNVD-2020-31721)
KingView is an industrial automation configuration software produced by Beijing Asian Control Technology Development Co. A denial of service vulnerability exists in the KingView web data transfer service. An attacker can exploit this vulnerability to launch a remote denial of service attack...
Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-27216)
The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products, which stems from a lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client-side code...
Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-27214)
The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR RBR50 version prior to 2.3.5.30, RBS50 version prior to 2.3.5.30, and RBK50 version prior to 2.3.5.30, which stems from the lack of proper validation of client-side data ...
NETGEAR RAX40 Cross-Site Scripting Vulnerability (CNVD-2020-24162)
The NETGEAR RAX40 is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR RAX40 prior to version 1.0.3.62, which stems from a lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute client-side code...
NETGEAR RBR50, RBS50 and RBK50 Cross-Site Scripting Vulnerabilities
The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR RBR50 version prior to 2.3.5.30, RBS50 version prior to 2.3.5.30, and RBK50 version prior to 2.3.5.30, which stems from the lack of proper validation of client-side data ...
NETSAS Enigma NMS Cross-Site Scripting Vulnerability (CNVD-2020-18995)
NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A cross-site scripting vulnerability exists in NETSAS Enigma NMS version 65.0.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...
SolarWinds Orion Platform Cross-Site Scripting Vulnerability
SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. A...
Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01243)
Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...
Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01244)
Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...
NETCORE Netis DL4323 Cross-Site Scripting Vulnerability (CNVD-2020-01648)
NETCORE Netis DL4323 is a multi-function modem from China's NETCORE. A cross-site scripting vulnerability exists in the NETCORE Netis DL4323, which stems from the lack of proper validation of client data by the WEB application, and can be exploited by an attacker to execute client code...
NETCORE Netis DL4323 Cross-Site Scripting Vulnerability
NETCORE Netis DL4323 is a multi-function modem from China's NETCORE. A cross-site scripting vulnerability exists in the NETCORE Netis DL4323, which stems from the lack of proper validation of client data by the WEB application, and can be exploited by an attacker to execute client code...
Intelbras WRN 150 Cross-Site Scripting Vulnerability
Intelbras WRN 150 is a wireless router from Intelbras Poland. A cross-site scripting vulnerability exists in Intelbras WRN 150. The vulnerability stems from the lack of proper validation of client data by the WEB application. An attacker can exploit the vulnerability to execute client-side code...
Jiangnan Online Judge Cross-Site Scripting Vulnerability
Jiangnan Online Judge is an online evaluation system for computer programming. The system is mainly used for compiling and executing the source code submitted by users and checking the correctness of the program source code. A cross-site scripting vulnerability exists in Jiangnan Online Judge...
Backdrop CMS Cross-Site Scripting Vulnerability (CNVD-2019-26880)
Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS version 1.12.x before 1.12.8 and version 1.13.x before 1.13.3. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker...
The vulnerability in the HTTP data path of the Storage Appliance Kit (AK) from Oracle Sun Systems Product Suite allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the HTTP data path subsystem in the Sun ZFS Storage Appliance Kit AK software package from Oracle Sun Systems Product Suite is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
ZTE OTCP Cross-Site Scripting Vulnerability
ZTE OTCP is a set of next-generation network management platform products from China's ZTE Corporation ZTE. A cross-site scripting vulnerability exists in ZTE OTCP 1.19.20.02 and earlier versions. The vulnerability stems from the lack of proper validation of client data by the WEB application. An...
Linear eMerge E3-Series Cross-Site Scripting Vulnerability
The Nortek Security & Control Linear eMerge E3-Series is an access control device from Nortek Security & Control USA. A cross-site scripting vulnerability exists in the Linear eMerge E3-Series. The vulnerability stems from a lack of proper validation of client data by the web application. An...
IPBRICK OS Cross-Site Scripting Vulnerability
IPBRICK OS is a Linux-based communication platform. The platform includes features such as document and process management, e-mail and collaboration tools. A cross-site scripting vulnerability exists in IPBRICK OS version 6.3. The vulnerability stems from a lack of proper validation of client dat...
Prometheus Cross-Site Scripting Vulnerability
Prometheus is open source software written in the Go language for recording real-time metrics from time-series databases built using the HTTP pull model. A cross-site scripting vulnerability exists in Prometheus versions prior to 2.7.1 that stems from a lack of proper validation of client-side da...