CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/05/04 12:43 a.m.•0 views

CVE-2026-42367

6.5CVSS5.8AI score0.00271EPSS

CVE•added 2026/05/04 12:43 a.m.•18 views

CVE-2026-42367

CVE-2026-42367 affects GeoVision LPC2011/LPC2211 Web Interface, ssi.cgi on version 1.10. A privilege-escalation path exists where a specially crafted HTTP request can leak Administrator credentials via the web interface, enabling access with elevated privileges after a user visits a crafted page....

6.5CVSS5.8AI score0.00271EPSS

ATTACKERKB•added 2026/05/04 12:43 a.m.•2 views

CVE-2026-7371

Multiple reflected cross-site scripting xss vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this...

Vulnrichment•added 2026/05/04 12:43 a.m.•4 views

CVE-2026-7371 GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi reflected cross-site scripting (XSS) vulnerabilities

Cvelist•added 2026/05/04 12:43 a.m.•30 views

CVE-2026-7371 GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi reflected cross-site scripting (XSS) vulnerabilities

7.4CVSS0.00196EPSS

CVE•added 2026/05/04 12:43 a.m.•11 views

CVE-2026-7371

GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi is affected by reflected XSS in version 1.10. A attacker can trigger arbitrary JavaScript by providing a crafted URL, with exploitation described as reflected XSS via the error message for non-existing pages. CVSS v3.1 base score 7.4 (HIGH) with N...

Exploits0References2Affected Software1

Cvelist•added 2026/05/04 12:42 a.m.•29 views

CVE-2026-42366 GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi reflected cross-site scripting (XSS) vulnerabilities

7.4CVSS0.00196EPSS

Vulnrichment•added 2026/05/04 12:42 a.m.•4 views

CVE-2026-42366 GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi reflected cross-site scripting (XSS) vulnerabilities

CVE•added 2026/05/04 12:42 a.m.•14 views

CVE-2026-42366

GeoVision LPC2011/LPC2211 Web Interface (ssi.cgi) contains reflected XSS vulnerabilities in version 1.10. A crafted URL can trigger arbitrary JavaScript execution in the context of the user’s browser. The CVSSv3.1 vector is AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N with a base score of 7.4 (HIGH). Expl...

Exploits0References2Affected Software1

ATTACKERKB•added 2026/05/04 12:42 a.m.•4 views

CVE-2026-42365

A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypas. An attacker can bruteforce session cookies to trigger this vulnerability...

EUVD•added 2026/05/04 12:42 a.m.•4 views

EUVD-2026-26856

Vulnrichment•added 2026/05/04 12:42 a.m.•6 views

CVE-2026-42365 GeoVision LPC2011/LPC2211 Web Interface guessable session cookie vulnerability

CVE•added 2026/05/04 12:42 a.m.•13 views

CVE-2026-42365

GeoVision GeoVision LPC2011/LPC2211 Web Interface (version 1.10) exposes a session cookie vulnerability that allows authentication bypass through a crafted sequence of HTTP requests and brute-forcing session cookies. The CVE notes a network‑based, low‑complexity exposure with no user interaction ...

Cvelist•added 2026/05/04 12:42 a.m.•35 views

CVE-2026-42365 GeoVision LPC2011/LPC2211 Web Interface guessable session cookie vulnerability

8.6CVSS0.00329EPSS

Positive Technologies•added 2026/05/04 12:0 a.m.•17 views

PT-2026-37203

Name of the Vulnerable Software and Affected Versions Pelican versions 7.21.0 through 7.21.4 Pelican versions 7.22.0 through 7.22.2 Pelican versions 7.23.0 through 7.23.2 Pelican versions 7.24.0 through 7.24.1 Description A privilege escalation issue exists in the Web User Interface WebUI that...

9CVSS5.8AI score0.0032EPSS

Exploits0References5

Positive Technologies•added 2026/05/04 12:0 a.m.•5 views

PT-2026-36735

Name of the Vulnerable Software and Affected Versions GeoVision LPC2011/LPC2211 version 1.10 Description A privilege escalation issue exists in the Web Interface functionality, specifically within the 'ssi.cgi' endpoint. A specially crafted HTTP request can lead to the leak of Administrator...

6.5CVSS5.2AI score0.00271EPSS

Exploits0References7

CNNVD•added 2026/05/04 12:0 a.m.•8 views

GeoVision LPC2011和GeoVision LPC2211 安全漏洞

Both GeoVision LPC2011 and GeoVision LPC2211 are network monitoring control devices produced by the Chinese company GeoVision. The version 1.10 of GeoVision LPC2011 and GeoVision LPC2211 contain security vulnerabilities. These vulnerabilities stem from privilege escalation within the Web Interfac...

9.9CVSS5.9AI score0.00348EPSS

Exploits0References1

CNNVD•added 2026/05/04 12:0 a.m.•7 views

GeoVision LPC2011和GeoVision LPC2211 安全漏洞

Both GeoVision LPC2011 and GeoVision LPC2211 are network monitoring control devices produced by the Chinese company GeoVision. Version 1.10 of GeoVision LPC2011 and GeoVision LPC2211 contain security vulnerabilities. These vulnerabilities stem from predictable session cookies within the Web...