Jiraput Thamsongkrah

4 exploits Active since Jan 2021
CVE-2022-48311 NOMISEC CRITICAL WRITEUP
HP Deskjet 2540 A9U23B Firmware CEP1FN1418BR - Authenticated Stored Cross-Site Scripting via HTTP Configuration Page
**UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware Version CEP1FN1418BR and Product Model Number A9U23B allows authenticated attacker to inject their own script into the page via HTTP configuration page. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
1 stars
CVSS 9.0
CVE-2020-27368 NOMISEC MEDIUM WRITEUP
TOTOLINK-A702R-V1.0.0-B20161227.1023 - Info Disclosure
Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /icons/ directories via GET Parameter.
1 stars
CVSS 5.5
CVE-2020-26732 NOMISEC HIGH WRITEUP
SKYWORTH GN542VF 2.0.0.16 - Missing Secure Flag for Session Cookie
SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.
1 stars
CVSS 7.5
CVE-2020-26733 NOMISEC MEDIUM WRITEUP
SKYWORTH GN542VF 2.0.0.16 - Authenticated Stored Cross-Site Scripting via DDNS Configuration Section
Cross Site Scripting (XSS) in Configuration page in SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 allows authenticated attacker to inject their own script into the page via DDNS Configuration Section.
1 stars
CVSS 5.4