Novus Management System
Approved changes feed: RSS · Atom
cpe:2.3:a:aat:novus_management_system:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Aat (45e3b314-e777-533e-b9ed-a1b38f4e600b) |
|---|---|
| Product | Novus Management System (e282e63a-8ac3-540c-8451-8528cd62495c) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-34821 |
vulnerable | 2026-06-03 14:44:48.313376 |
Details available
Cross Site Scripting (XSS) vulnerability exists in AAT Novus Management System through 1.51.2. The WebUI has wrong HTTP 404 error handling implemented. A remote, unauthenticated attacker may be able to exploit the issue by sending malicious HTTP requests to non-existing URIs. The value of the URL path filename is copied into the HTML document as plain text tags.
Published: 2021-07-19T17:21:28.000Z
Updated: 2024-08-04T00:26:54.047Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34820 |
vulnerable | 2026-06-03 14:44:48.312966 |
Details available
Web Path Directory Traversal in the Novus HTTP Server. The Novus HTTP Server is affected by the Directory Traversal for Arbitrary File Access vulnerability. A remote, unauthenticated attacker using an HTTP GET request may be able to exploit this issue to access sensitive data. The issue was discovered in the NMS (Novus Management System) software through 1.51.2
Published: 2021-07-19T17:04:20.000Z
Updated: 2024-08-04T00:26:54.080Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.