30 matches found

Vulnrichment
added 2026/02/12 10:48 p.m. | 3 views

CVE-2019-25324 RICOH Web Image Monitor 1.09 - HTML Injection

RICOH Web Image Monitor 1.09 contains an HTML injection vulnerability in the address configuration CGI script that allows attackers to inject malicious HTML code. Attackers can exploit the entryNameIn and entryDisplayNameIn parameters to insert arbitrary HTML content, potentially enabling...

CVSS 6.1 | AI score 5.3 | EPSS 0.0022
Exploits: 0 | References: 4

CNVD
added 2025/11/14 12:0 a.m. | 2 views

SAP Business Connector Cross-Site Scripting Vulnerability (CNVD-2025-29169)

SAP Business Connector is a middleware from SAP, Germany. A cross-site scripting vulnerability exists in SAP Business Connector due to improper validation of user-supplied input in the PRTG Web Monitor web interface. An attacker could exploit the vulnerability to access or modify information with...

CVSS 6.1 | AI score 5.9 | EPSS 0.00207
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2021-23343

Malware in sbrugna...

CVSS 6.1 | AI score 6.3 | EPSS 0.00666
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-4289

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 6.4 | EPSS 0.01081
Exploits: 1 | References: 4

RedhatCVE
added 2025/05/22 6:39 p.m. | 5 views

CVE-2021-36755

Nightscout Web Monitor aka cgm-remote-monitor 14.2.2 allows XSS via a crafted X-Forwarded-For header...

CVSS 6.1 | AI score 5.8 | EPSS 0.00666
Exploits: 0 | References: 1

Japan Vulnerability Notes
added 2025/05/12 9:0 a.m. | 4 views

Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor

Overview: Web Image Monitor, provided by Ricoh Company, Ltd., is a web server that is included in and runs on laser printers and MFPs (multifunction printers). Web Image Monitor contains the vulnerability listed below. Reflected cross-site scripting (CWE-79) - CVE-2025-41393. Juan Pablo Gomez Postigo of Sprocket...

CVSS 6.1 | AI score 6.1 | EPSS 0.00585
Exploits: 0 | References: 5

RedhatCVE
added 2025/02/26 12:26 a.m. | 6 views

CVE-2024-54820

XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...

CVSS 9.8 | AI score 8 | EPSS 0.01081
Exploits: 1 | References: 1

NVD
added 2025/02/24 6:15 p.m. | 13 views

CVE-2024-54820

XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...

CVSS 9.8 | EPSS 0.01081
Exploits: 1 | References: 2

Cvelist
added 2025/02/24 12:0 a.m. | 12 views

CVE-2024-54820

XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...

EPSS 0.01081
Exploits: 1 | References: 2

CNNVD
added 2025/02/24 12:0 a.m. | 2 views

XOne Web Monitor Security Vulnerability

XOne Web Monitor is a monitoring dashboard from XOne. A security vulnerability exists in XOne Web Monitor version v02.10.2024.530, which stems from the presence of a SQL injection vulnerability that allows an attacker to steal all usernames and passwords via specially crafted input...

CVSS 9.8 | AI score 7.6 | EPSS 0.01081
Exploits: 1 | References: 3

Positive Technologies
added 2025/02/24 12:0 a.m. | 4 views

PT-2025-7776 · Unknown +1 · Xone Web Monitor +1

Name of the Vulnerable Software and Affected Versions: XOne Web Monitor version 02.10.2024.530 XOne Web Monitor framework version 1.0.4.9 Description: The issue is a SQL injection vulnerability located in the login page, allowing attackers to extract all usernames and passwords via a crafted inpu...

CVSS 9.8 | AI score 9.4 | EPSS 0.01081
Exploits: 1 | References: 9

CVE
added 2025/02/24 12:0 a.m. | 55 views

CVE-2024-54820

XOne Web Monitor has an unauthenticated SQL injection in the login path. Affects version 02.10.2024.530 and framework 1.0.4.9, exploitable via the login endpoint (e.g. /webcore/api/itf/DoAction) where the where clause on LOGIN can be manipulated to enumerate all usernames and passwords. Evidence ...

CVSS 9.8 | AI score 8.1 | EPSS 0.01081
Exploits: 1 | References: 2

Vulnrichment
added 2025/02/24 12:0 a.m. | 8 views

CVE-2024-54820

XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input...

AI score 8.3 | EPSS 0.01081
Exploits: 1 | References: 2

GithubExploit
added 2024/11/17 12:31 p.m. | 96 views

Exploit for CVE-2024-54820

Vulnerability: Unauthenticated SQL Injection - Clear Credentia...

CVSS 9.8 | AI score 8.5 | EPSS 0.01081
Exploits: 1

ATTACKERKB
added 2024/05/03 3:15 a.m. | 3 views

CVE-2023-39464

Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this...

CVSS 7.2 | AI score 7.6 | EPSS 0.01577
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2023/08/16 12:0 a.m. | 6 views

The vulnerability of the GTWWebMonitorService function in the CADA-system’s SCADA Data Gateway allows an intruder to execute arbitrary code.

The vulnerability of the GTWWebMonitorService function in the CADA-system’s SCADA Data Gateway SDG is related to the absence of quotation marks in the code for elements or search paths. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the root context...

CVSS 8.3 | AI score 7.5 | EPSS 0.01577
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2021/07/16 12:15 a.m. | 9 views

CVE-2021-36755

Nightscout Web Monitor aka cgm-remote-monitor 14.2.2 allows XSS via a crafted X-Forwarded-For header...

CVSS 6.1 | EPSS 0.00666
Exploits: 0 | References: 1

Prion
added 2021/07/16 12:15 a.m. | 14 views

Design/Logic Flaw

Nightscout Web Monitor aka cgm-remote-monitor 14.2.2 allows XSS via a crafted X-Forwarded-For header...

CVSS 4.3 | AI score 5.9 | EPSS 0.00666
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2021/07/15 11:1 p.m. | 16 views

CVE-2021-36755

Nightscout Web Monitor aka cgm-remote-monitor 14.2.2 allows XSS via a crafted X-Forwarded-For header...

AI score 6 | EPSS 0.00666
Exploits: 0 | References: 1

CVE
added 2021/07/15 11:1 p.m. | 86 views

CVE-2021-36755

CVE-2021-36755 affects Nightscout Web Monitor (cgm-remote-monitor) 14.2.2. The issue is an XSS via a crafted X-Forwarded-For header. CVSS data shows network access, low attack complexity, no privileges required, with user interaction required, and partial integrity impact (I:L) and low confidenti...

CVSS 6.1 | AI score 5.8 | EPSS 0.00666
Exploits: 0 | References: 1 | Affected Software: 1