Search Results | AttackerKB

Show filters

Clear All

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

2 Total Results

Displaying 1-2 of 2

Attacker Value

Unknown

CVE-2021-35059

Disclosure Date: October 11, 2021 (last updated February 23, 2025)

OpenWay WAY4 ACS before 1.2.278-2693 allows XSS via the /way4acs/enroll action parameter.

Attacker Value

Unknown

CVE-2021-35060

Disclosure Date: October 11, 2021 (last updated February 23, 2025)

/way4acs/enroll in OpenWay WAY4 ACS before 1.2.278-2693 allows unauthenticated attackers to leverage response differences to discover whether a specific payment card number is stored in the system.

Attack Vector: Network Privileges: None User Interaction: None

2 Total Results

Displaying 1-2 of 2

Unknown

CVE-2021-35059

Unknown

CVE-2021-35060

Quick Cookie Notification