LAN Management System
CVEs (86)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-45003 | 0.00 | — | 0.03 | Jan 10, 2022 | Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote code execution (RCE) vulnerability in profile.php through the "image" parameter that can execute a webshell payload. | |||
| CVE-2019-12391 | 0.00 | — | 0.01 | Dec 2, 2019 | The Anviz Management System for access control has insufficient logging for device events such as door open requests. | |||
| CVE-2018-18796 | 0.00 | — | 0.02 | Nov 16, 2018 | Library Management System 1.0 has SQL Injection via the "Search for Books" screen. | |||
| CVE-2010-4896 | 0.00 | — | 0.01 | Oct 8, 2011 | Cross-site scripting (XSS) vulnerability in admin/index.asp in Member Management System 4.0 allows remote attackers to inject arbitrary web script or HTML via the REF_URL parameter. | |||
| CVE-2007-2198 | 0.00 | — | 0.01 | Apr 24, 2007 | Cross-site scripting (XSS) vulnerability in LAN Management System (LMS) before 1.6.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably involving the OD parameter to contrib/formularz_przelewu_wplaty/druk.php. | |||
| CVE-2006-0886 | 0.00 | — | 0.01 | Feb 25, 2006 | Cross-site scripting (XSS) vulnerability in register.php in DEV web management system 1.5 allows remote attackers to inject arbitrary web script or HTML via the "City/Region" field (mesto variable). NOTE: the provenance of this information is unknown; the details are obtained… |
- CVE-2021-45003Jan 10, 2022risk 0.00cvss —epss 0.03
Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote code execution (RCE) vulnerability in profile.php through the "image" parameter that can execute a webshell payload.
- CVE-2019-12391Dec 2, 2019risk 0.00cvss —epss 0.01
The Anviz Management System for access control has insufficient logging for device events such as door open requests.
- CVE-2018-18796Nov 16, 2018risk 0.00cvss —epss 0.02
Library Management System 1.0 has SQL Injection via the "Search for Books" screen.
- CVE-2010-4896Oct 8, 2011risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in admin/index.asp in Member Management System 4.0 allows remote attackers to inject arbitrary web script or HTML via the REF_URL parameter.
- CVE-2007-2198Apr 24, 2007risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in LAN Management System (LMS) before 1.6.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably involving the OD parameter to contrib/formularz_przelewu_wplaty/druk.php.
- CVE-2006-0886Feb 25, 2006risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in register.php in DEV web management system 1.5 allows remote attackers to inject arbitrary web script or HTML via the "City/Region" field (mesto variable). NOTE: the provenance of this information is unknown; the details are obtained…
Page 5 of 5