Lucene search
K

4 matches found

OSV
OSV
added 2021/04/28 3:15 p.m.3 views

CVE-2020-21993

In WEMS Limited Enterprise Manager 2.58, input passed to the GET parameter 'email' is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML code in a user's browser session in context of an affected site...

6.1CVSS6AI score
Exploits0References2
CNNVD
CNNVD
added 2021/04/28 12:0 a.m.3 views

packetstormsecurity WEMS Enterprise Manager 跨站脚本漏洞

packetstormsecurity WEMS Enterprise Manager is a packetstormsecurity open source application. A centralized management and monitoring system for many WEMS-equipped sites. A cross-site scripting vulnerability exists in packetstormsecurity WEMS Enterprise Manager 2.58, which arises from input passe...

6.1CVSS5.9AI score0.00805EPSS
Exploits2References3
Packet Storm
Packet Storm
added 2019/12/30 12:0 a.m.128 views

WEMS Enterprise Manager 2.58 Cross Site Scripting

WEMS Enterprise Manager 2.58 email Reflected XSS Vendor: WEMS Limited Product web page: https://www.wems.co.uk Affected version: 2.58.8903 2.55.8806 2.55.8782 2.19.7959 Summary: WEMS Enterprise Manager is a centralised management and monitoring system for many WEMS equipped sites. It retrieves an...

0.2AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2019/12/29 12:0 a.m.73 views

WEMS Enterprise Manager 2.58 (email) Reflected XSS

Summary WEMS Enterprise Manager is a centralised management and monitoring system for many WEMS equipped sites. It retrieves and stores data to enable energy analysis at an enterprise wide level. It is designed to give global visibility of the key areas that affect a buildings' environmental and...

6.1CVSS6.6AI score0.00805EPSS
Exploits2
Rows per page
Query Builder