Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Retrofit Security Vulnerabilities

cve
cve

CVE-2023-5880

When the Genie Company Aladdin Connect garage door opener (Retrofit-Kit Model ALDCM) is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This...

8.8CVSS

8.2AI Score

0.0005EPSS

2024-01-03 08:15 PM
19
cve
cve

CVE-2023-5881

Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect (Retrofit-Kit Model ALDCM) "Garage Door Control Module Setup" and modify the Garage door's SSID...

8.2CVSS

8.2AI Score

0.001EPSS

2024-01-03 08:15 PM
16
cve
cve

CVE-2018-1000844

Square Open Source Retrofit version Prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437 contains a XML External Entity (XXE) vulnerability in JAXB that can result in An attacker could use this to remotely read files from the file system or to perform SSRF.. This vulnerability appears to have.....

9.1CVSS

9AI Score

0.002EPSS

2022-10-03 04:21 PM
51
cve
cve

CVE-2018-1000850

Square Retrofit version versions from (including) 2.0 and 2.5.0 (excluding) contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her.. This attack.....

7.5CVSS

7.4AI Score

0.004EPSS

2018-12-20 03:29 PM
64