EUVD-2022-33848

Malicious code in bioql PyPI...

Apache Derby Injection Vulnerability

Apache Derby is an open source database management system from the Apache Foundation. A security vulnerability exists in Apache Derby versions 10.1.1.0 through 10.16.1.1, which originates from the ability to bypass LDAP authentication checks, potentially allowing an attacker to view and destroy...

CVE-2022-29511

A directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2022-32573

A directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2022-32763

A cross-site scripting xss sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability...

CVE-2022-29517

A directory traversal vulnerability exists in the HelpdeskActions.aspx edittemplate functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability...

Cross site scripting

A cross-site scripting xss sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability...

Cross site scripting

A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability...

Directory traversal

A directory traversal vulnerability exists in the HelpdeskActions.aspx edittemplate functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability...

PT-2022-19179 · Unknown · Lansweeper

Name of the Vulnerable Software and Affected Versions: Lansweeper version 10.1.1.0 Description: A stored cross-site scripting issue exists in the HdConfigActions.aspx altertextlanguages functionality. This allows an attacker to inject arbitrary Javascript code using a specially-crafted HTTP...

PT-2022-21448 · Unknown · Lansweeper

Name of the Vulnerable Software and Affected Versions: Lansweeper version 10.1.1.0 Description: A cross-site scripting xss sanitization vulnerability bypass exists in the SanitizeHtml functionality. This allows an attacker to send a specially-crafted HTTP request, leading to arbitrary Javascript...

Lansweeper 路径遍历漏洞

Lansweeper is an IT asset management system from Lansweeper Belgium. The system includes features such as IT asset discovery and network settings scanning. A path traversal vulnerability exists in Lansweeper version 10.1.1.0, which stems from the presence of a path than there, a specially crafted...

Lansweeper lansweeper AssetActions.aspx directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1528 Lansweeper lansweeper AssetActions.aspx directory traversal vulnerability December 1, 2022 CVE Number CVE-2022-32573 SUMMARY A directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality of Lansweeper lansweeper 10.1.1.0. A...

Lansweeper 路径遍历漏洞

Lansweeper is an IT asset management system from Lansweeper Belgium. The system includes features such as IT asset discovery and network settings scanning. A path traversal vulnerability exists in Lansweeper version 10.1.1.0, which stems from the presence of directory traversal, where a specially...

Lansweeper 路径遍历漏洞

Lansweeper is an IT asset management system from Lansweeper Belgium. The system includes features such as IT asset discovery and network settings scanning. A path traversal vulnerability exists in Lansweeper version 10.1.1.0, which stems from the presence of a path than there, a specially crafted...

Lansweeper 跨站脚本漏洞

Lansweeper is an IT asset management system from Lansweeper Belgium. The system includes features such as IT asset discovery and network settings scanning. A security vulnerability exists in Lansweeper version 10.1.1.0. An attacker can exploit the vulnerability to inject arbitrary Javascript code...

Lansweeper 跨站脚本漏洞

Lansweeper is an IT asset management system from Lansweeper Belgium. The system includes features such as IT asset discovery and network settings scanning. A security vulnerability exists in Lansweeper version 10.1.1.0, which stems from the presence of stored cross-site scripting, where a special...