47 matches found
CVE-2019-18871
A path traversal in debug.php accessed via default.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to upload arbitrary files, leading to arbitrary remote code execution...
CVE-2019-18866
Unauthenticated SQL injection via the username in the login mechanism in Blaauw Remote Kiln Control through v3.00r4 allows a user to extract arbitrary data from the rkc database...
CVE-2019-18872
Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set short or guessable passwords e.g., 1 or 1234...
CVE-2019-18867
Browsable directories in Blaauw Remote Kiln Control through v3.00r4 allow an attacker to enumerate sensitive filenames and locations, including source code. This affects /ajax/, /common/, /engine/, /flash/, /images/, /Images/, /jscripts/, /lang/, /layout/, /programs/, and /sms/...
CVE-2019-18869
Leftover Debug Code in Blaauw Remote Kiln Control through v3.00r4 allows a user to execute arbitrary php code via /default.php?idx=17...
EUVD-2019-8559
Malware in sbrugna...
EUVD-2019-8561
Malware in sbrugna...
EUVD-2019-8562
Malware in sbrugna...
EUVD-2019-8566
Malware in sbrugna...
EUVD-2019-8567
Malware in sbrugna...
EUVD-2019-8563
Malware in sbrugna...
CVE-2019-18864
/server-info and /server-status in Blaauw Remote Kiln Control through v3.00r4 allow an unauthenticated attacker to gain sensitive information about the host machine...
Blaauw Remote Kiln Control Path Traversal Vulnerability (CNVD-2020-28490)
The Blaauw Remote Kiln Control is an automated ceramic kiln controller from Blaauw in the Netherlands. A path traversal vulnerability exists in Blaauw Remote Kiln Control. An attacker could use this vulnerability to download arbitrary files from the host device...
Blaauw Remote Kiln Control Information Disclosure Vulnerability (CNVD-2020-28484)
The Blaauw Remote Kiln Control is an automated ceramic kiln controller from Blaauw in the Netherlands. An information disclosure vulnerability exists in Blaauw Remote Kiln Control. An attacker can exploit this vulnerability to disclose information by enumerating valid usernames...
Unspecified Vulnerability in Blaauw Remote Kiln Control (CNVD-2020-28486)
The Blaauw Remote Kiln Control is an automated ceramic kiln controller from Blaauw in the Netherlands. An unspecified vulnerability exists in Blaauw Remote Kiln Control. An attacker can exploit this vulnerability to access MySQL credentials in plaintext in /engine/db.inc, /lang/nl.bak, or...
CVE-2019-18866
Unauthenticated SQL injection via the username in the login mechanism in Blaauw Remote Kiln Control through v3.00r4 allows a user to extract arbitrary data from the rkc database...
CVE-2019-18864
/server-info and /server-status in Blaauw Remote Kiln Control through v3.00r4 allow an unauthenticated attacker to gain sensitive information about the host machine...
CVE-2019-18866
Unauthenticated SQL injection via the username in the login mechanism in Blaauw Remote Kiln Control through v3.00r4 allows a user to extract arbitrary data from the rkc database...
CVE-2019-18870
A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to download arbitrary files from the host machine...
CVE-2019-18871
A path traversal in debug.php accessed via default.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to upload arbitrary files, leading to arbitrary remote code execution...