Lucene search
+L

10 matches found

redhatcve
redhatcve
added 2026/01/07 9:30 a.m.8 views

CVE-2019-16917

WiKID Enterprise 2FA two factor authentication Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause function...

8.8CVSS7.7AI score0.02143EPSS
Exploits3References1
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7412

Malware in sbrugna...

8.8CVSS8.7AI score0.02143EPSS
Exploits3References5
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-7581

Malware in sbrugna...

6.1CVSS6.3AI score0.49955EPSS
Exploits3References5
cnvd
cnvd
added 2019/10/18 12:0 a.m.4 views

WiKID Systems 2FA Enterprise Server Cross-Site Scripting Vulnerability (CNVD-2019-43370)

WiKID Systems 2FA Enterprise Server is a two-factor authentication server from WiKID Systems, USA. A cross-site scripting vulnerability exists in WiKID 2FA Enterprise Server 4.2.0-b2047 and prior versions. The vulnerability stems from a WEB application lacking proper authentication of client data...

6.1CVSS6.6AI score0.49955EPSS
Exploits3References1
osv
osv
added 2019/10/17 7:15 p.m.5 views

CVE-2019-17120

A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/admusrs.jsp. The usr parameter is vulnerable: the reflected cross-site scripting occurs immediately after...

6.1CVSS6.4AI score0.49955EPSS
Exploits3References3
osv
osv
added 2019/10/17 6:15 p.m.4 views

CVE-2019-17116

A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. The groupName parameter is vulnerable: the reflected cross-site scripting occurs immediately...

6.1CVSS6.4AI score0.01659EPSS
Exploits3References3
osv
osv
added 2019/10/17 6:15 p.m.3 views

CVE-2019-16917

WiKID Enterprise 2FA two factor authentication Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause function...

8.8CVSS7.3AI score0.02143EPSS
Exploits3References3
prion
prion
added 2019/10/17 6:15 p.m.18 views

Sql injection

WiKID Enterprise 2FA two factor authentication Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause function...

6.5CVSS8.9AI score0.02143EPSS
Exploits3References3Affected Software1
cvelist
cvelist
added 2019/10/17 5:42 p.m.21 views

CVE-2019-16917

WiKID Enterprise 2FA two factor authentication Enterprise Server through 4.2.0-b2047 is vulnerable to SQL injection through the searchDevices.jsp endpoint. The uid and domain parameters are used, unsanitized, in a SQL query constructed in the buildSearchWhereClause function...

9AI score0.02143EPSS
Exploits3References3
cve
cve
added 2019/10/17 5:42 p.m.57 views

CVE-2019-16917

WiKID Enterprise 2FA Enterprise Server (up to 4.2.0-b2047) is affected by an SQL injection in searchDevices.jsp. The uid and domain parameters are unsanitized and used in a SQL query built in buildSearchWhereClause, enabling arbitrary SQL execution as described by multiple sources. Public details...

8.8CVSS8.9AI score0.02143EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder