2 results (0.001 seconds)

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Múltiples Vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Xerox CentreWare Web (CWW) versiones anteriores a la 4.6.46, permiten a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrariamente a través de vectores sin especificar. • http://secunia.com/advisories/30978 http://www.securityfocus.com/bid/30151 http://www.xerox.com/downloads/usa/en/c/cert_XRX08_008.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/43671 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors. Múltiples vulnerabilidades en Xerox CentreWare Web(CWW) anterior a 4.6.46, permite a usuarios autenticados remotamente ejecutar comandos SQL de su elección a través de vectores no especificados. • http://secunia.com/advisories/30978 http://www.securityfocus.com/bid/30151 http://www.xerox.com/downloads/usa/en/c/cert_XRX08_008.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/43672 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •