Search Results | AttackerKB

Show filters

Topics 5 Users 9,712

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

5 Total Results

Displaying 1-5 of 5

Attacker Value

Unknown

CVE-2022-25323

Disclosure Date: February 18, 2022 (last updated February 23, 2025)

ZEROF Web Server 2.0 allows /admin.back XSS.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2022-25322

Disclosure Date: February 18, 2022 (last updated February 23, 2025)

ZEROF Web Server 2.0 allows /HandleEvent SQL Injection.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-30175

Disclosure Date: April 13, 2021 (last updated February 22, 2025)

ZEROF Web Server 1.0 (April 2021) allows SQL Injection via the /HandleEvent endpoint for the login page.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-30176

Disclosure Date: April 13, 2021 (last updated February 22, 2025)

The ZEROF Expert pro/2.0 application for mobile devices allows SQL Injection via the Authorization header to the /v2/devices/add endpoint.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2002-0474

Disclosure Date: August 12, 2002 (last updated February 22, 2025)

Cross-site scripting vulnerability in ZeroForum allows remote attackers to execute arbitrary Javascript on web clients by embedding the script within IMG image tag.

0