Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

18 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-16347

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00069EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-16348

Malicious code in bioql PyPI...

8CVSS7.8AI score0.00047EPSS
Exploits0References1
NVD
NVDadded 2024/01/16 11:15 a.m.6 views

CVE-2024-0555

A Cross-Site Request Forgery CSRF vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in. This vulnerability is possible due to the lack of propper CSRF token...

8CVSS5.8AI score0.00047EPSS
Exploits0References1
OSV
OSVadded 2024/01/16 11:15 a.m.1 views

CVE-2024-0555

A Cross-Site Request Forgery CSRF vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in. This vulnerability is possible due to the lack of propper CSRF token...

8CVSS5.7AI score0.00047EPSS
Exploits0References1
NVD
NVDadded 2024/01/16 11:15 a.m.9 views

CVE-2024-0554

A Cross-site scripting XSS vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could store a malicious javascript payload in the device model parameter via '/setup/diagsirlearn.asp', allowing the attacker to retrieve the session details of another user...

5.5CVSS5.2AI score0.00069EPSS
Exploits0References1
OSV
OSVadded 2024/01/16 11:15 a.m.1 views

CVE-2024-0554

A Cross-site scripting XSS vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could store a malicious javascript payload in the device model parameter via '/setup/diagsirlearn.asp', allowing the attacker to retrieve the session details of another user...

5.4CVSS5.7AI score
Exploits0References1
Prion
Prionadded 2024/01/16 11:15 a.m.15 views

Cross site scripting

A Cross-site scripting XSS vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could store a malicious javascript payload in the device model parameter via '/setup/diagsirlearn.asp', allowing the attacker to retrieve the session details of another user...

4.9CVSS6AI score0.00069EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2024/01/16 11:15 a.m.14 views

Cross site request forgery (csrf)

A Cross-Site Request Forgery CSRF vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in. This vulnerability is possible due to the lack of propper CSRF token...

6CVSS7.2AI score0.00047EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2024/01/16 10:9 a.m.12 views

CVE-2024-0555 Cross-Site Request Forgery (CSRF) vulnerability on WIC1200

A Cross-Site Request Forgery CSRF vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in. This vulnerability is possible due to the lack of propper CSRF token...

4.6CVSS8.1AI score0.00047EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/01/16 10:9 a.m.2 views

CVE-2024-0555 Cross-Site Request Forgery (CSRF) vulnerability on WIC1200

A Cross-Site Request Forgery CSRF vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in. This vulnerability is possible due to the lack of propper CSRF token...

4.6CVSS6.2AI score0.00047EPSS
Exploits0References1
CVE
CVEadded 2024/01/16 10:9 a.m.29 views

CVE-2024-0555

CVE-2024-0555 describes a CSRF vulnerability in WIC1200 (version 1.1). The root cause is lack of proper CSRF token implementation, enabling an authenticated user to cause actions on behalf of another user within the authenticated session. Public sources in the provided set consistently reference ...

8CVSS7.8AI score0.00047EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/01/16 10:8 a.m.4 views

CVE-2024-0554 Cross-site scripting (XSS) vulnerability on WIC1200

A Cross-site scripting XSS vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could store a malicious javascript payload in the device model parameter via '/setup/diagsirlearn.asp', allowing the attacker to retrieve the session details of another user...

5.5CVSS5.3AI score0.00069EPSS
Exploits0References1
CVE
CVEadded 2024/01/16 10:8 a.m.38 views

CVE-2024-0554

The CVE-2024-0554 entry describes an XSS in Xantech WIC1200 v1.1. An authenticated user can store a malicious payload in the device model parameter via /setup/diags_ir_learn.asp, enabling retrieval of other users’ session details. Affected component: WIC1200 device, firmware 1.1. Root cause: impr...

5.5CVSS5.2AI score0.00069EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2024/01/16 10:8 a.m.13 views

CVE-2024-0554 Cross-site scripting (XSS) vulnerability on WIC1200

A Cross-site scripting XSS vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could store a malicious javascript payload in the device model parameter via '/setup/diagsirlearn.asp', allowing the attacker to retrieve the session details of another user...

5.5CVSS5.5AI score0.00069EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/01/16 12:0 a.m.3 views

WIC1200 Cross-Site Request Forgery Vulnerability

The Xantech WIC1200 is a Web Intelligence Controller from Xantech. A cross-site request forgery vulnerability exists in the Xantech WIC1200 version 1.1, which stems from the lack of a proper CSRF token implementation and can be exploited by an attacker to perform unwanted actions...

8CVSS6.8AI score0.00047EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/01/16 12:0 a.m.3 views

PT-2024-15654 · Wic1200 · Wic1200

Name of the Vulnerable Software and Affected Versions: WIC1200 version 1.1 Description: A Cross-Site Request Forgery CSRF vulnerability has been found, allowing an authenticated user to lead another user into executing unwanted actions inside the application they are logged in. This is due to the...

8CVSS7.8AI score0.00047EPSS
Exploits0References6
CNNVD
CNNVDadded 2024/01/16 12:0 a.m.1 views

Xantech WIC1200 Security Vulnerability

The Xantech WIC1200 is a Web Intelligence Controller from Xantech. A security vulnerability exists in the Xantech WIC1200 version 1.1 that originates from a vulnerability that allows a remote user to intercept traffic and retrieve other users' credentials and decode them in Base64, which can be...

7.1CVSS6.8AI score0.00181EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/01/16 12:0 a.m.4 views

Xantech WIC1200 Cross-Site Scripting Vulnerability

The Xantech WIC1200 is a Web Intelligent Controller from Xantech. A cross-site scripting vulnerability exists in the Xantech WIC1200 version 1.1, which originates from the fact that an authenticated user can store a malicious JavaScript load in the device model parameter via...

5.5CVSS6AI score0.00069EPSS
Exploits0References2
Rows per page
Query Builder