Search Results | AttackerKB

Show filters

Clear All

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

2 Total Results

Displaying 1-2 of 2

Attacker Value

Unknown

CVE-2018-19927

Disclosure Date: December 06, 2018 (last updated November 27, 2024)

Zenitel Norway IP-StationWeb before 4.2.3.9 allows stored XSS via the Display Name for Station Status or Account Settings, related to the goform/zForm_save_changes sip_nick parameter. The password of alphaadmin for the admin account may be used for authentication in some cases.

Attacker Value

Unknown

CVE-2018-19926

Disclosure Date: December 06, 2018 (last updated November 27, 2024)

Zenitel Norway IP-StationWeb before 4.2.3.9 allows reflected XSS via the goform/ PATH_INFO.

2 Total Results

Displaying 1-2 of 2

Unknown

CVE-2018-19927

Unknown

CVE-2018-19926

Quick Cookie Notification