Filtered by vendor Synchroweb
Subscriptions
Filtered by product Kiwire
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-11190 | 1 Synchroweb | 1 Kiwire | 2025-11-03 | 5.4 Medium |
| The Kiwire Captive Portal contains an open redirection issue via the login-url parameter, allowing an attacker to redirect users to an attacker controlled website. | ||||
| CVE-2025-11189 | 1 Synchroweb | 1 Kiwire | 2025-11-03 | 7.3 High |
| The Kiwire Captive Portal contains a reflected cross-site scripting (XSS) vulnerability within the login-url parameter, allowing for Javascript execution. | ||||
| CVE-2025-11188 | 1 Synchroweb | 1 Kiwire | 2025-11-03 | 7.3 High |
| The Kiwire Captive Portal contains a blind SQL injection in the nas-id parameter, allowing for SQL commands to be issued and to compromise the corresponding database. | ||||
Page 1 of 1.