Phoenix Security Vulnerabilities
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code...
9.8CVSS
9.6AI Score
0.001EPSS
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local...
7.8CVSS
8.7AI Score
0.0004EPSS
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege...
8.1CVSS
6.8AI Score
0.001EPSS
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local...
7.8CVSS
8.7AI Score
0.0004EPSS
tag.ex in Phoenix Phoenix.HTML (aka phoenix_html) before 3.0.4 allows XSS in HEEx class...
6.1CVSS
5.9AI Score
0.001EPSS
socket/transport.ex in Phoenix before 1.6.14 mishandles check_origin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF...
7.5CVSS
7.5AI Score
0.001EPSS
The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering...
6.1CVSS
6.1AI Score
0.001EPSS
Multiple untrusted search path vulnerabilities in Phoenix Project Manager 2.1.0.8 allow local users to gain privileges via a Trojan horse (1) wbtrv32.dll or (2) w3btrv7.dll file in the current working directory, as demonstrated by a directory that contains a .ppx file. NOTE: some of these details.....
6.9AI Score
0.001EPSS
Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Item/Configure permission to copy arbitrary files and directories from the Jenkins controller to the agent...
6.5CVSS
6.4AI Score
0.001EPSS
A missing permission check in Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in...
6.5CVSS
6.2AI Score
0.001EPSS
Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier does not configure its XML parser to prevent XML external entity (XXE)...
8.1CVSS
8AI Score
0.001EPSS
Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller via FTP to an attacker-specified FTP...
6.5CVSS
6.4AI Score
0.001EPSS
The Phoenix Media Rename WordPress plugin before 3.4.4 does not have capability checks in its phoenix_media_rename AJAX action, which could allow users with Author roles to rename any uploaded media files, including ones they do not...
4.3CVSS
4.5AI Score
0.001EPSS
Several XSS vulnerabilities in osCommerce CE Phoenix before 1.0.6.0 allow an attacker to inject and execute arbitrary JavaScript code. The malicious code can be injected as follows: the page parameter to catalog/admin/order_status.php, catalog/admin/tax_rates.php, catalog/admin/languages.php,...
6.1CVSS
6.3AI Score
0.001EPSS
Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption (e.g., TLS/SSL) when transmitting treatment and prescription data on the network between the Phoenix system and the Exalis dialysis data management tool. An attacker...
7.5CVSS
7.4AI Score
0.001EPSS
ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network...
7.5CVSS
7.4AI Score
0.001EPSS
Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear...
7.3CVSS
7AI Score
0.013EPSS
The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without...
7.3CVSS
6.9AI Score
0.002EPSS
The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is...
7.3CVSS
7.1AI Score
0.002EPSS
An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on internal checksums for verification of the internal integrity of the update packages. Verification may not always be performed correctly, allowing...
7.8CVSS
7.6AI Score
0.001EPSS
An Information Exposure issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. A remote unauthenticated attacker may be able to use Monitor Mode on the device to read diagnostic...
5.3CVSS
5.2AI Score
0.002EPSS
An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. A remote unauthenticated attacker may be able to craft special HTTP requests allowing an attacker to bypass web-service authentication allowing...
9.8CVSS
9.6AI Score
0.005EPSS
A Cross-site Scripting issue was discovered in PHOENIX CONTACT FL COMSERVER BASIC 232/422/485, FL COMSERVER UNI 232/422/485, FL COMSERVER BAS 232/422/485-T, FL COMSERVER UNI 232/422/485-T, FL COM SERVER RS232, FL COM SERVER RS485, and PSI-MODEM/ETH (running firmware versions prior to 1.99, 2.20,...
6.1CVSS
6.3AI Score
0.011EPSS
A Use of Hard-Coded Password issue was discovered in Phoenix Broadband PowerAgent SC3 BMS, all versions prior to v6.87. Use of a hard-coded password may allow unauthorized access to the...
5.3CVSS
5.3AI Score
0.001EPSS
A Resource Exhaustion issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may compromise the device's availability by performing multiple initial VPN...
7.5CVSS
7.4AI Score
0.001EPSS
An Improper Authentication issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may be able to gain unauthorized access to the user firewall when RADIUS servers are...
4CVSS
4.3AI Score
0.001EPSS
An issue was discovered on Phoenix Contact mGuard devices that have been updated to Version 8.4.0. When updating an mGuard device to Version 8.4.0 via the update-upload facility, the update will succeed, but it will reset the password of the admin user to its default...
9.8CVSS
9.5AI Score
0.002EPSS
Multiple SQL injection vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to execute arbitrary SQL commands via the del parameter to (1) gbuch.admin.php, (2) links.admin.php, (3) menue.admin.php, (4) news.admin.php, and (5) todo.admin.php in...
8.5AI Score
0.001EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ltarget parameter to (a) admin/admin_frame.php and the (2) conf parameter to (b) gbuch.admin.php, (c) links.admin.php, (d)...
5.8AI Score
0.002EPSS
Directory traversal vulnerability in admin/admin_frame.php in Phoenix View CMS Pre Alpha2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ltarget...
7.1AI Score
0.005EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Phoenix Evolution CMS (PECMS) allow remote attackers to inject arbitrary web script or HTML via the (1) mod or (2) action parameters in index.php, or the (3) pageid parameter in modules/pageedit/index.php. NOTE: the provenance of this...
5.9AI Score
0.007EPSS
Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) Program name, (2) File link, (3) Author name (4) Author e-mail address, (5) File size, (6) Version, or (7) Home page....
5.7AI Score
0.002EPSS