Lucene search
K

71 matches found

CNVD
CNVD
added 2020/05/09 12:0 a.m.1 views

Denial of Service Vulnerability in KingView web data transfer service (CNVD-2020-31722)

KingView is an industrial automation configuration software produced by Beijing Asian Control Technology Development Co. A denial of service vulnerability exists in the KingView web data transfer service. An attacker can exploit this vulnerability to launch a remote denial of service attack...

6.8AI score
Exploits0
CNVD
CNVD
added 2020/05/09 12:0 a.m.2 views

KingView web data transfer service suffers from denial of service vulnerability (CNVD-2020-31721)

KingView is an industrial automation configuration software produced by Beijing Asian Control Technology Development Co. A denial of service vulnerability exists in the KingView web data transfer service. An attacker can exploit this vulnerability to launch a remote denial of service attack...

6.8AI score
Exploits0
CNVD
CNVD
added 2020/04/16 12:0 a.m.2 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-27216)

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in multiple NETGEAR products, which stems from a lack of proper validation of client data by a WEB application and can be exploited by an attacker to execute client-side code...

6CVSS6.5AI score0.00557EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/16 12:0 a.m.3 views

Cross-site scripting vulnerability in multiple NETGEAR products (CNVD-2020-27214)

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR RBR50 version prior to 2.3.5.30, RBS50 version prior to 2.3.5.30, and RBK50 version prior to 2.3.5.30, which stems from the lack of proper validation of client-side data ...

6CVSS6.3AI score0.00299EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/16 12:0 a.m.2 views

NETGEAR RAX40 Cross-Site Scripting Vulnerability (CNVD-2020-24162)

The NETGEAR RAX40 is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR RAX40 prior to version 1.0.3.62, which stems from a lack of proper validation of client-side data by the WEB application and can be exploited by an attacker to execute client-side code...

4.8CVSS6.4AI score0.00485EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/16 12:0 a.m.4 views

NETGEAR RBR50, RBS50 and RBK50 Cross-Site Scripting Vulnerabilities

The NETGEAR RBK50, among others, is a wireless router from NETGEAR. A cross-site scripting vulnerability exists in the NETGEAR RBR50 version prior to 2.3.5.30, RBS50 version prior to 2.3.5.30, and RBK50 version prior to 2.3.5.30, which stems from the lack of proper validation of client-side data ...

6CVSS6.3AI score0.00439EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/20 12:0 a.m.2 views

NETSAS Enigma NMS Cross-Site Scripting Vulnerability (CNVD-2020-18995)

NETSAS Enigma NMS is a suite of network management and monitoring tools from NETSAS Australia. A cross-site scripting vulnerability exists in NETSAS Enigma NMS version 65.0.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An...

6.1CVSS6.4AI score0.00686EPSS
Exploits1References1
CNVD
CNVD
added 2020/01/19 12:0 a.m.2 views

SolarWinds Orion Platform Cross-Site Scripting Vulnerability

SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. A...

6.1CVSS6.4AI score0.0152EPSS
Exploits0References1
CNVD
CNVD
added 2020/01/10 12:0 a.m.2 views

Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01243)

Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...

6.1CVSS6.4AI score0.01411EPSS
Exploits1References1
CNVD
CNVD
added 2020/01/10 12:0 a.m.2 views

Ignite Realtime Openfire Cross-Site Scripting Vulnerability (CNVD-2020-01244)

Ignite Realtime Openfire is the Ignite Realtime community of a Java development and based on XMPP formerly known as Jabber, Instant Messaging Protocol cross-platform open source real-time collaboration RTC server , it can build a highly efficient instant messaging server , and supports tens of...

6.1CVSS6.4AI score0.01172EPSS
Exploits1References1
CNVD
CNVD
added 2019/12/29 12:0 a.m.3 views

NETCORE Netis DL4323 Cross-Site Scripting Vulnerability (CNVD-2020-01648)

NETCORE Netis DL4323 is a multi-function modem from China's NETCORE. A cross-site scripting vulnerability exists in the NETCORE Netis DL4323, which stems from the lack of proper validation of client data by the WEB application, and can be exploited by an attacker to execute client code...

6.1CVSS6.4AI score0.01776EPSS
Exploits1References1
CNVD
CNVD
added 2019/12/29 12:0 a.m.4 views

NETCORE Netis DL4323 Cross-Site Scripting Vulnerability

NETCORE Netis DL4323 is a multi-function modem from China's NETCORE. A cross-site scripting vulnerability exists in the NETCORE Netis DL4323, which stems from the lack of proper validation of client data by the WEB application, and can be exploited by an attacker to execute client code...

6.1CVSS6.4AI score0.01532EPSS
Exploits1References1
CNVD
CNVD
added 2019/11/09 12:0 a.m.3 views

Intelbras WRN 150 Cross-Site Scripting Vulnerability

Intelbras WRN 150 is a wireless router from Intelbras Poland. A cross-site scripting vulnerability exists in Intelbras WRN 150. The vulnerability stems from the lack of proper validation of client data by the WEB application. An attacker can exploit the vulnerability to execute client-side code...

6.1CVSS6.4AI score0.00686EPSS
Exploits1References1
CNVD
CNVD
added 2019/10/10 12:0 a.m.2 views

Jiangnan Online Judge Cross-Site Scripting Vulnerability

Jiangnan Online Judge is an online evaluation system for computer programming. The system is mainly used for compiling and executing the source code submitted by users and checking the correctness of the program source code. A cross-site scripting vulnerability exists in Jiangnan Online Judge...

6.1CVSS6.6AI score0.01068EPSS
Exploits1References1
CNVD
CNVD
added 2019/08/12 12:0 a.m.6 views

Backdrop CMS Cross-Site Scripting Vulnerability (CNVD-2019-26880)

Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS version 1.12.x before 1.12.8 and version 1.13.x before 1.13.3. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker...

6.1CVSS6.4AI score0.00846EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/08/06 12:0 a.m.8 views

The vulnerability in the HTTP data path of the Storage Appliance Kit (AK) from Oracle Sun Systems Product Suite allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the HTTP data path subsystem in the Sun ZFS Storage Appliance Kit AK software package from Oracle Sun Systems Product Suite is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

6.4CVSS7.8AI score0.00942EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2019/07/22 12:0 a.m.3 views

ZTE OTCP Cross-Site Scripting Vulnerability

ZTE OTCP is a set of next-generation network management platform products from China's ZTE Corporation ZTE. A cross-site scripting vulnerability exists in ZTE OTCP 1.19.20.02 and earlier versions. The vulnerability stems from the lack of proper validation of client data by the WEB application. An...

4.8CVSS6.4AI score0.00491EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/04 12:0 a.m.3 views

Linear eMerge E3-Series Cross-Site Scripting Vulnerability

The Nortek Security & Control Linear eMerge E3-Series is an access control device from Nortek Security & Control USA. A cross-site scripting vulnerability exists in the Linear eMerge E3-Series. The vulnerability stems from a lack of proper validation of client data by the web application. An...

6.1CVSS6.4AI score0.55807EPSS
Exploits5References1
CNVD
CNVD
added 2019/05/13 12:0 a.m.5 views

IPBRICK OS Cross-Site Scripting Vulnerability

IPBRICK OS is a Linux-based communication platform. The platform includes features such as document and process management, e-mail and collaboration tools. A cross-site scripting vulnerability exists in IPBRICK OS version 6.3. The vulnerability stems from a lack of proper validation of client dat...

4.8CVSS6.4AI score0.00652EPSS
Exploits1References1
CNVD
CNVD
added 2019/03/27 12:0 a.m.28 views

Prometheus Cross-Site Scripting Vulnerability

Prometheus is open source software written in the Go language for recording real-time metrics from time-series databases built using the HTTP pull model. A cross-site scripting vulnerability exists in Prometheus versions prior to 2.7.1 that stems from a lack of proper validation of client-side da...

6.1CVSS7.9AI score0.02736EPSS
Exploits0References1
Rows per page
Query Builder