CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/admusrs.jsp. The usr parameter is vulnerable: the reflected cross-site scripting occurs immediately after...

6.1CVSS5.5AI score0.49955EPSS

Exploits3References1

RedhatCVE•added 2025/05/22 10:3 a.m.•7 views

CVE-2019-17117

A SQL injection vulnerability in processPref.jsp in WiKID 2FA Enterprise Server through 4.2.0-b2053 allows an authenticated user to execute arbitrary SQL commands via the processPref.jsp key parameter...

8.8CVSS8.3AI score0.01749EPSS

Exploits3References1

RedhatCVE•added 2025/05/22 10:2 a.m.•5 views

CVE-2019-17118

A CSRF issue in WiKID 2FA Enterprise Server through 4.2.0-b2053 allows a remote attacker to trick an authenticated user into performing unintended actions such as 1 create or delete admin users; 2 create or delete groups; or 3 create, delete, enable, or disable normal users or devices...

8.8CVSS6.8AI score0.00937EPSS

Exploits3References1

RedhatCVE•added 2025/05/22 10:2 a.m.•6 views

CVE-2019-17114

A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allows remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/userPreregistration.jsp. The preRegistrationData parameter is vulnerable: a reflected cross-site scriptin...

6.1CVSS5.5AI score0.01659EPSS

Exploits3References1

RedhatCVE•added 2025/05/22 10:2 a.m.•10 views

CVE-2019-17116

A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. The groupName parameter is vulnerable: the reflected cross-site scripting occurs immediately...

6.1CVSS5.5AI score0.01659EPSS

Exploits3References1

RedhatCVE•added 2025/05/22 8:38 a.m.•6 views

CVE-2019-17119

Multiple SQL injection vulnerabilities in Logs.jsp in WiKID 2FA Enterprise Server through 4.2.0-b2053 allow authenticated users to execute arbitrary SQL commands via the source or subString parameter...

8.8CVSS8.5AI score0.01749EPSS

Exploits3References1

Check Point Advisories•added 2020/04/19 12:0 a.m.•3 views

WiKID 2FA Enterprise Server Cross-Site Scripting (CVE-2019-17116)

A cross-site scripting vulnerability exists in WiKID 2FA Enterprise Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

4.3CVSS4.4AI score0.01659EPSS

Exploits3

Check Point Advisories•added 2020/02/27 12:0 a.m.•3 views

WiKID 2FA Enterprise Server SQL Injection (CVE-2019-16917; CVE-2019-17117; CVE-2019-17119)

An SQL injection vulnerability exists in WiKID 2FA Enterprise Server. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL commands against the database on the target server...

6.5CVSS3.6AI score0.02143EPSS

Exploits5

Check Point Advisories•added 2020/02/25 12:0 a.m.•2 views

WiKID 2FA Enterprise Server Stored Cross-Site Scripting (CVE-2019-17115)

A stored cross-site scripting vulnerability exists in WiKID 2FA Enterprise Server. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary script code on the affected system...

4.3CVSS3.6AI score0.01659EPSS

Exploits3

NVD•added 2019/10/17 7:15 p.m.•13 views

CVE-2019-17120

6.1CVSS6AI score0.49955EPSS

Exploits3References3

NVD•added 2019/10/17 7:15 p.m.•16 views

CVE-2019-17119

8.8CVSS9.3AI score0.01749EPSS

Exploits3References3

Prion•added 2019/10/17 7:15 p.m.•14 views

Sql injection

6.5CVSS9.2AI score0.01749EPSS

Exploits3References3Affected Software1

Prion•added 2019/10/17 7:15 p.m.•18 views

Cross site scripting

4.3CVSS5.9AI score0.49955EPSS

Exploits3References3Affected Software1

NVD•added 2019/10/17 6:15 p.m.•9 views

CVE-2019-17116

A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. The groupName parameter is vulnerable: the reflected cross-site scripting occurs immediately...

6.1CVSS6AI score0.01659EPSS

Exploits3References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by