|
212431
|
6.1 |
MEDIUM
Network
|
zohocorp
|
manageengine_netflow_analyzer
|
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTim…
|
CWE-79
Cross-site Scripting
|
CVE-2019-7424
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212432
|
6.1 |
MEDIUM
Network
|
zohocorp
|
manageengine_netflow_analyzer
|
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/editProfile.jsp" file in the userName parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7423
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212433
|
6.1 |
MEDIUM
Network
|
zohocorp
|
manageengine_netflow_analyzer
|
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7422
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212434
|
6.1 |
MEDIUM
Network
|
samsung
|
syncthru_web_service
x7400gx_firmware
|
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7421
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212435
|
6.1 |
MEDIUM
Network
|
samsung
|
syncthru_web_service
x7400gx_firmware
|
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7420
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212436
|
6.1 |
MEDIUM
Network
|
samsung
|
syncthru_web_service
x7400gx_firmware
|
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters: ruiFw_id, ruiFw_pid, ruiFw_title.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7419
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212437
|
6.1 |
MEDIUM
Network
|
samsung
|
syncthru_web_service
x7400gx_firmware
|
XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/swsAlert.sws" in multiple parameters: flag, frame, func, and Nfunc.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7418
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212438
|
6.1 |
MEDIUM
Network
|
ericsson
|
active_library_explorer
|
XSS exists in Ericsson Active Library Explorer (ALEX) 14.3 in multiple parameters in the "/cgi-bin/alexserv" servlet, as demonstrated by the DB, FN, fn, or id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7417
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212439
|
6.1 |
MEDIUM
Network
|
opentext
|
documentum_webtop
|
XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable.
|
CWE-79
CWE-601
Cross-site Scripting
Open Redirect
|
CVE-2019-7416
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212440
|
8.8 |
HIGH
Network
|
zyxel
|
dsl-491hnu-b10b_firmware
dsl-491hnu-b1b_v2_firmware
|
ZyXEL VMG3312-B10B DSL-491HNU-B1B v2 devices allow login/login-page.cgi CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2019-7391
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
