Lucene search
K
WikidsystemsTwo Factor Authentication Enterprise Server

5 matches found

CVE
CVE
added 2019/10/17 5:44 p.m.58 views

CVE-2019-17114

WiKID Systems 2FA Enterprise Server (up to 4.2.0-b2047) is affected by a stored and reflected XSS in the web interface. The vulnerability arises in /WiKIDAdmin/userPreregistration.jsp via the preRegistrationData parameter: a reflected XSS occurs after a .csv upload, and the malicious script is st...

6.1CVSS5.9AI score0.01659EPSS
Web
CVE
CVE
added 2019/10/17 5:46 p.m.57 views

CVE-2019-17115

CVE-2019-17115 concerns WiKID Systems 2FA Enterprise Server (through 4.2.0-b2047). The vulnerability is a stored cross-site scripting (XSS) in which the rendered_message field is retrieved and displayed unsanitized on Logs.jsp. An attacker can remotely populate rendered_message via multiple param...

6.1CVSS6AI score0.01659EPSS
Web
CVE
CVE
added 2019/10/17 6:8 p.m.56 views

CVE-2019-17119

CVE-2019-17119 affects WiKID Systems 2FA Enterprise Server. The vulnerability resides in Logs.jsp and allows authenticated users to execute arbitrary SQL commands via the source or subString parameters, with affected versions up to 4.2.0-b2053. Documented impacts include multi-statement SQL execu...

8.8CVSS9.2AI score0.01749EPSS
CVE
CVE
added 2019/10/17 5:42 p.m.55 views

CVE-2019-16917

WiKID Enterprise 2FA Enterprise Server (up to 4.2.0-b2047) is affected by an SQL injection in searchDevices.jsp. The uid and domain parameters are unsanitized and used in a SQL query built in buildSearchWhereClause, enabling arbitrary SQL execution as described by multiple sources. Public details...

8.8CVSS8.9AI score0.02143EPSS
CVE
CVE
added 2019/10/17 5:47 p.m.51 views

CVE-2019-17116

WiKID 2FA Enterprise Server (versions up to 4.2.0-b2047) is affected by a stored and reflected XSS vulnerability in /WiKIDAdmin/groups.jsp, where the groupName parameter triggers immediate reflected XSS after group creation and the script is stored for execution on subsequent visits. This CVE des...

6.1CVSS5.9AI score0.01659EPSS
Web