CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Junhetec: >> Omnidirectional Communication System Security Vulnerabilities

CVE-2021-30172

Special characters of picture preview page in the Quan-Fang-Wei-Tong-Xun system are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out Reflected XSS (Cross-site scripting) attacks, additionally access and manipulate customer’s information.

CVSS Score

4.6

EPSS Score

0.001

Published

2021-05-07

CVE-2021-30173

Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file.

CVSS Score

6.5

EPSS Score

0.002

Published

2021-05-07

Page 1

Vulnerabilities

Vulnerable Software

Junhetec: >> Omnidirectional Communication System Security Vulnerabilities

Products

Pricing

Contact Us