CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-27509
https://notcve.org/view.php?id=CVE-2021-27509
In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code. En Visualware MyConnection Server versiones anteriores a 11.0b build 5382, cada reporte publicado no está asociado con su propio código de acceso • https://myconnectionserver.visualware.com/support/newrelease.html • CWE-863: Incorrect Authorization •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2015-2043 – MyConnection Server 8.2b Cross Site Scripting
https://notcve.org/view.php?id=CVE-2015-2043
Multiple cross-site scripting (XSS) vulnerabilities in Visualware MyConnection Server 8.2b allow remote attackers to inject arbitrary web script or HTML via the (1) bt, (2) variable, or (3) et parameter to myspeed/db/historyitem. Múltiples vulnerabilidades de XSS en Visualware MyConnection Server 8.2b permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través del parámetro (1) bt, (2) variable, o (3) et en myspeed/db/historyitem. MyConnection Server version 8.2b suffers from a cross site scripting vulnerability. • http://packetstormsecurity.com/files/130490/MyConnection-Server-8.2b-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 3CVE-2014-5113
https://notcve.org/view.php?id=CVE-2014-5113
Multiple cross-site scripting (XSS) vulnerabilities in test.php in Visualware MyConnection Server 9.7i allow remote attackers to inject arbitrary web script or HTML via the (1) testtype, (2) ver, (3) cm, (4) map, (5) lines, (6) pps, (7) bpp, (8) codec, (9) provtext, (10) provtextextra, (11) provlink, or (12) duration parameter. Múltiples vulnerabilidades de XSS en test.php en Visualware MyConnection Server 9.7i permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro (1) testtype, (2) ver, (3) cm, (4) map, (5) lines, (6) pps, (7) bpp, (8) codec, (9) provtext, (10) provtextextra, (11) provlink o (12) duration. • http://packetstormsecurity.com/files/127545/MyConnection-Server-MCS-9.7i-Cross-Site-Scripting.html http://treadstonesecurity.blogspot.ca/2014/07/myconnection-server-mcs-reflective-xss.html http://www.securityfocus.com/bid/68793 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •