A Cross Site Scripting (XSS) vulnerability in Youxun Electronic Equipment (Shanghai) Co., Ltd AC Centralized Management Platform v1.02.040 allows attackers to execute arbitrary code via uploading a crafted HTML file to the interface /upfile.cgi.
References
| Link | Resource |
|---|---|
| https://github.com/hashshfza/Vulnerability/issues/1 | Exploit Issue Tracking Third Party Advisory |
| https://github.com/hashshfza/Vulnerability/issues/1 | Exploit Issue Tracking Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 08:07
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/hashshfza/Vulnerability/issues/1 - Exploit, Issue Tracking, Third Party Advisory |
21 Jun 2023, 02:11
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://github.com/hashshfza/Vulnerability/issues/1 - Exploit, Issue Tracking, Third Party Advisory | |
| First Time |
Ac Centralized Management Platform Project ac Centralized Management Platform
Ac Centralized Management Platform Project |
|
| CWE | CWE-79 | |
| CPE | cpe:2.3:a:ac_centralized_management_platform_project:ac_centralized_management_platform:1.02.040:*:*:*:*:*:*:* | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.8 |
12 Jun 2023, 13:28
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-06-12 13:15
Updated : 2024-11-21 08:07
NVD link : CVE-2023-34855
Mitre link : CVE-2023-34855
CVE.ORG link : CVE-2023-34855
JSON object : View
Products Affected
ac_centralized_management_platform_project
- ac_centralized_management_platform
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')