SD-330AC and AMC Manager provided by silex technology, Inc. contain a reflected cross-site scripting vulnerability. When a user logs in to the affected device and access some crafted web page, arbitra
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed before reuse. An attacker may login to the device without knowing the
SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of CRLF sequences ('CRLF Injection') vulnerability. Processing some crafted configuration data may lead t
SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue. The device configuration may be altered without authentication.
SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue on firmware maintenance. Arbitrary file may be uploaded on the device without a
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a use of a broken or risky cryptographic algorithm. Information in the traffic may be retrieved via man-in-the-middle
SD-330AC and AMC Manager provided by silex technology, Inc. use a hard-coded cryptographic key. An administrative user may be directed to apply a fake firmware update.
A cross-site scripting vulnerability exists in Aterm. Arbitrary scripts may be executed in the web browser of a user accessing the web management interface via adjacent network.
Cross-site Scripting has been identified in Moxa’s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device’s web service that could i
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of th
A stored
cross-site scripting (XSS) vulnerability has been identified in the web
management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM
configuration parameter
A stored Cross-site Scripting (XSS) vulnerability affecting Change Governance in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbi
A vulnerability has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 20250831. This vulnerability affects unknown code of the file /index.php/sysmanage/Login. Such manipulation of the argument Nam
Cross-site scripting vulnerability exists in the web management page of PLANEX COMMUNICATIONS network cameras. If a logged-in user accesses a specific file, an arbitrary script may be executed on the
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against
A vulnerability in the web-based management interface of network access control services could allow an unauthenticated remote attacker to conduct a Reflected Cross-Site Scripting (XSS) attack. Succes
Joomla JLex Review 6.0.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the review_id URL parameter. Attackers can craft mali
Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administ
A stored Cross-Site Scripting (XSS) vulnerability vulnerability was found in the File Explorer and Text Editor of ADM. An attacker could exploit this vulnerability to inject malicious scripts into the
A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary
Page 1+ Next →