10 matches found
EUVD-2024-54806
Malicious code in bioql PyPI...
CVE-2024-55040
Cross Site Scripting vulnerability in Sensaphone WEB600 Monitoring System v.1.6.5.H and before allows a remote attacker to execute arbitrary code via a crafted GET requests to /@.xml, placing payloads in the g7200, g7300, g4601, and g1F02 parameters...
CVE-2024-55040
Cross Site Scripting vulnerability in Sensaphone WEB600 Monitoring System v.1.6.5.H and before allows a remote attacker to execute arbitrary code via a crafted GET requests to /@.xml, placing payloads in the g7200, g7300, g4601, and g1F02 parameters...
CVE-2024-55040
Cross Site Scripting vulnerability in Sensaphone WEB600 Monitoring System v.1.6.5.H and before allows a remote attacker to execute arbitrary code via a crafted GET requests to /@.xml, placing payloads in the g7200, g7300, g4601, and g1F02 parameters...
CVE-2024-55040
CVE-2024-55040 affects Sensaphone WEB600 Monitoring System (firmware v1.6.5.H and earlier). The issue is a cross-site scripting (XSS) vulnerability that can be triggered by crafted GET requests to /@.xml, with payloads placed in parameters such as g7200, g7300, g4601, and g1F02. The concrete impa...
CVE-2024-55040
Cross Site Scripting vulnerability in Sensaphone WEB600 Monitoring System v.1.6.5.H and before allows a remote attacker to execute arbitrary code via a crafted GET requests to /@.xml, placing payloads in the g7200, g7300, g4601, and g1F02 parameters...
Sensaphone WEB600 Monitoring System 安全漏洞
Sensaphone WEB600 Monitoring System is a remote monitoring and data logging device from Sensaphone USA. A security vulnerability exists in Sensaphone WEB600 Monitoring System version 1.6.5.H and prior versions, which stems from vulnerability to cross-site scripting attacks that could lead to the...
CVE-2024-55040
Cross Site Scripting vulnerability in Sensaphone WEB600 Monitoring System v.1.6.5.H and before allows a remote attacker to execute arbitrary code via a crafted GET requests to /@.xml, placing payloads in the g7200, g7300, g4601, and g1F02 parameters...
PT-2025-5686 · Sensaphone · Sensaphone Web600
Name of the Vulnerable Software and Affected Versions: Sensaphone Web600 affected versions not specified Description: The issue concerns stored cross-site scripting XSS in the system's Setup, Profile, and Zone options. This means that an attacker could potentially inject malicious code into these...
Exploit for Cross-site Scripting in Sensaphone Web600_Firmware
SENSAPHONE VULNERABILITY DISCLOSURE Summary In mid-Sep...