Iframe injection vulnerability in airc.pt/solucoes-servicos.solucoes MyNET v.26.06 and before allows a remote attacker to execute arbitrary code via the src parameter.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HAirc Mynet
APPAirc≤ 26.06
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
Related vulnerabilities
CVE-2024-35322MEDIUM6.1ten sam produkt
MyNET up to v26.08 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the fich...
CVE-2024-39037MEDIUM6.5ten sam produkt
MyNET up to v26.08.316 was discovered to contain an Unauthenticated SQL Injection vulnerability via the intmen...
CVE-2024-40317MEDIUM6.1ten sam produkt
A reflected cross-site scripting (XSS) vulnerability in MyNET up to v26.08 allows attackers to execute arbitra...
CVE-2024-25812MEDIUM6.1ten sam produkt
MyNET up to v26.05 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the src ...
CVE-2024-25814MEDIUM6.1ten sam produkt
MyNET up to v26.05 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the msg ...