CVE-2022-1840 : Home Clean Services Management System Stored Cross-Site Scripting (XSS)

Description

Persistent XSS (or Stored XSS) attack is one of the three major categories of XSS attacks, the others being Non-Persistent (or Reflected) XSS and DOM-based XSS. In general, XSS attacks are based on the victim’s trust in a legitimate, but vulnerable, website or web application.Home Clean Services Management System does not filter the content correctly at the “register” module, resulting in the generation of stored XSS.

For more information

GitHub

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-2641 : HORNER AUTOMATION RCC 972 15.40 HARD-CODED KEY

CVE-2022-2641 : HORNER AUTOMATION RCC 972 15.40 HARD-CODED KEY

Description Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device. This could allow

CVE-2022-3270 : FESTO VTEM-S1 INSUFFICIENT TECHNICAL DOCUMENTATION

CVE-2022-3270 : FESTO VTEM-S1 INSUFFICIENT TECHNICAL DOCUMENTATION

Description In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead

CVE-2022-4221 : ASUS NAS-M25 UP TO 1.0.1.7 COOKIE OS COMMAND INJECTION

CVE-2022-4221 : ASUS NAS-M25 UP TO 1.0.1.7 COOKIE OS COMMAND INJECTION

Description Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability in Asus NAS-M25 allows an