8 results (0.012 seconds)

CVSS: 9.8EPSS: 0%CPEs: 42EXPL: 0

Synel Terminals - CWE-494: Download of Code Without Integrity Check Synel Terminals - CWE-494: Descarga de código sin comprobación de integridad. • https://www.gov.il/en/Departments/faq/cve_advisories • CWE-494: Download of Code Without Integrity Check •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection' • https://www.gov.il/en/Departments/faq/cve_advisories • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials • https://www.gov.il/en/Departments/faq/cve_advisories • CWE-798: Use of Hard-coded Credentials •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code. insertar código HTML / js dentro de la entrada how para llegar a la entrada vulnerable : Workers > worker nickname > inyectar en esta entrada el código • https://www.gov.il/en/departments/faq/cve_advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0

SYNEL - eharmony Authenticated Blind & Stored XSS. Inject JS code into the "comments" field could lead to potential stealing of cookies, loading of HTML tags and JS code onto the system. SYNEL - eharmony presenta una vulnerabilidad de tipo XSS Autenticado, Ciego y Almacenado. Una inyección de código JS en el campo "comments" podría conllevar un potencial robo de cookies, carga de etiquetas HTML y código JS en el sistema • https://www.gov.il/en/departments/faq/cve_advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •