Junhetec - Omnidirectional Communication System CVE - OpenCVE

Filtered by vendor Junhetec Subscriptions

Filtered by product Omnidirectional Communication System Subscriptions

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-30172	1 Junhetec	1 Omnidirectional Communication System	2024-09-17	4.6 Medium
Special characters of picture preview page in the Quan-Fang-Wei-Tong-Xun system are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out Reflected XSS (Cross-site scripting) attacks, additionally access and manipulate customer’s information.
CVE-2021-30173	1 Junhetec	1 Omnidirectional Communication System	2024-09-17	6.5 Medium
Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file.

Page 1 of 1.