CVE-2020-15362

wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code Injection because it can be used with options to overwrite the default executable/binary path and its arguments. An attacker can abuse this functionality to execute arbitrary code...

CVE-2019-15362

The Lava Iris 88 Go Android device with a build fingerprint of LAVA/iris88go/iris88go:8.1.0/O11019/1538188945:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify a...

CVE-2019-15362

creationtimestamp| type| source ---|---|--- 2024-02-14 15:56:41+00:00| seen| https://t.me/ctinow/184752...

sensorweb-desktop (=0.0.1) potentially affected by CVE-2020-15362 via wifiscanner (=0.0.10)

wifiscanner NPM version =0.0.10 is affected by a known vulnerability. The following packages have a transitive dependency on wifiscanner and may be impacted: - sensorweb-desktop =0.0.1 Source cves: CVE-2020-15362 Source advisory: OSV:GHSA-M6RW-M2V9-7HX4...

CVE-2020-15362

wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code Injection because it can be used with options to overwrite the default executable/binary path and its arguments. An attacker can abuse this functionality to execute arbitrary code...

CVE-2020-15362

wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code Injection because it can be used with options to overwrite the default executable/binary path and its arguments. An attacker can abuse this functionality to execute arbitrary code...

CVE-2020-15362

CVE-2020-15362 affects thingsSDK WiFi Scanner 1.0.1. The wifiscanner.js component allows Code Injection by accepting options that overwrite the default executable/binary path and its arguments, enabling arbitrary code execution. Root cause: insecure handling/override of executable path and argume...

CVE-2019-15362

CVE-2019-15362 affects the Lava Iris 88 Go Android device (build fingerprint LAVA/iris88_go/iris88_go:8.1.0/O11019/1538188945:user/release-keys). A pre-installed app with package name com.mediatek.wfo.impl (versionCode 27, versionName 8.1.0) exposes an interface that allows any co-located app to ...

CVE-2018-15362

XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0...

CVE-2018-15362

An XXE (XML External Entity) vulnerability (CWE-611) affects GE Proficy Cimplicity GDS in versions 9.0 R2, 9.5, 10.0. The root cause is improper restriction of XML external entities, enabling an attacker to initiate an OPC UA session and retrieve an arbitrary file. CVSSv3 base score 9.1 (CRITICAL...

CVE-2018-15362

XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0...

CVE-2017-15362

CVE-2017-15362 corresponds to a stored/reflected cross-site scripting (XSS) issue in osTicket 1.10.1 where an attacker can trigger JavaScript execution by persuading a logged-in user to click a crafted link in tickets.php (status parameter). The core problem is client-side script execution throug...