CVE-2019-25324 RICOH Web Image Monitor 1.09 - HTML Injection

RICOH Web Image Monitor 1.09 contains an HTML injection vulnerability in the address configuration CGI script that allows attackers to inject malicious HTML code. Attackers can exploit the entryNameIn and entryDisplayNameIn parameters to insert arbitrary HTML content, potentially enabling...

SAP Business Connector Cross-Site Scripting Vulnerability (CNVD-2025-29169)

SAP Business Connector is a middleware from SAP, Germany. A cross-site scripting vulnerability exists in SAP Business Connector due to improper validation of user-supplied input in the PRTG Web Monitor web interface. An attacker could exploit the vulnerability to access or modify information with...

EUVD-2021-23343

Malware in sbrugna...

EUVD-2025-4289

Malicious code in bioql PyPI...

CVE-2021-36755

Nightscout Web Monitor aka cgm-remote-monitor 14.2.2 allows XSS via a crafted X-Forwarded-For header...

Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor

Overview Web Image Monitor provided by Ricoh Company, Ltd. is an web server included and runs in laser printers and MFPs multifunction printers. Web Image Monitor contains the vulnerability listed below. Reflected cross-site scripting CWE-79 - CVE-2025-41393 Juan Pablo Gomez Postigo of Sprocket...

CVE-2024-54820

XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...

CVE-2024-54820

XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...

CVE-2024-54820

XOne Web Monitor has an unauthenticated SQL injection in the login path. Affects version 02.10.2024.530 and framework 1.0.4.9, exploitable via the login endpoint (e.g. /webcore/api/itf/DoAction) where the where clause on LOGIN can be manipulated to enumerate all usernames and passwords. Evidence ...

CVE-2024-54820

XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...

PT-2025-7776 · Unknown +1 · Xone Web Monitor +1

Name of the Vulnerable Software and Affected Versions: XOne Web Monitor version 02.10.2024.530 XOne Web Monitor framework version 1.0.4.9 Description: The issue is a SQL injection vulnerability located in the login page, allowing attackers to extract all usernames and passwords via a crafted inpu...

CVE-2024-54820

XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...

XOne Web Monitor 安全漏洞

XOne Web Monitor is a monitoring dashboard from XOne. A security vulnerability exists in XOne Web Monitor version v02.10.2024.530, which stems from the presence of a SQL injection vulnerability that allows an attacker to steal all usernames and passwords via specially crafted input...

Exploit for CVE-2024-54820

Vulnerability: Unauthenticated SQL Injection - Clear Credentia...

CVE-2023-39464

Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this...

CVE-2021-36755

Nightscout Web Monitor aka cgm-remote-monitor 14.2.2 allows XSS via a crafted X-Forwarded-For header...

Design/Logic Flaw

Nightscout Web Monitor aka cgm-remote-monitor 14.2.2 allows XSS via a crafted X-Forwarded-For header...

CVE-2021-36755

CVE-2021-36755 affects Nightscout Web Monitor (cgm-remote-monitor) 14.2.2. The issue is an XSS via a crafted X-Forwarded-For header. CVSS data shows network access, low attack complexity, no privileges required, with user interaction required, and partial integrity impact (I:L) and low confidenti...

CVE-2021-36755

Nightscout Web Monitor aka cgm-remote-monitor 14.2.2 allows XSS via a crafted X-Forwarded-For header...

Nightscout Web Monitor 跨站脚本漏洞

Nightscout Web Monitor is an open source web monitor for healthcare that allows multiple caregivers to remotely view a patient's blood glucose data in real time. A security vulnerability exists in Nightscout Web Monitor a.k.a. cgm-remote-monitor 14.2.2 that allows XSS via a crafted x - forward -...