8 matches found
CVE-2023-31452
A cross-site request forgery CSRF token bypass was identified in PRTG 23.2.84.1566 and earlier versions that allows remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request. This could...
EUVD-2023-35758
Malicious code in bioql PyPI...
CVE-2023-31448
A path traversal vulnerability was identified in the HL7 sensor in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the HL7 sensor into behaving differently for existing files and non-existing files. This made it possible to traverse paths,...
CVE-2023-32781
A command injection vulnerability was identified in PRTG 23.2.84.1566 and earlier versions in the HL7 sensor where an authenticated user with write permissions could abuse the debug option to write new files that could potentially get executed by the EXE/Script sensor. The severity of this...
CVE-2023-31450
A path traversal vulnerability was identified in the SQL v2 sensors in PRTG 23.2.84.1566 and earlier versions where an authenticated user with write permissions could trick the SQL v2 sensors into behaving differently for existing files and non-existing files. This made it possible to traverse...
PT-2023-23333 · Prtg · Prtg
Name of the Vulnerable Software and Affected Versions: PRTG versions 23.2.84.1566 and earlier Description: A path traversal vulnerability was identified in the HL7 sensor where an authenticated user with write permissions could trick the sensor into behaving differently for existing files and...
PT-2023-23336 · Prtg · Prtg
Name of the Vulnerable Software and Affected Versions: PRTG versions 23.2.84.1566 and earlier Description: A path traversal vulnerability was identified in the SQL v2 sensors where an authenticated user with write permissions could trick the sensors into behaving differently for existing and...
PT-2023-24015 · Paessler · Prtg
Name of the Vulnerable Software and Affected Versions: PRTG versions 23.2.84.1566 and earlier Description: A command injection issue was identified in the HL7 sensor of PRTG, where an authenticated user with write permissions could abuse the debug option to write new files that could potentially...