272 matches found
SAP CMC Promotion Management 代码问题漏洞
SAP CMC Promotion Management is a software for managing and migrating content from SAP, Germany. A code issue vulnerability exists in SAP CMC Promotion Management that originates from a verified attacker who can enumerate internal network systems, potentially leading to information disclosure...
Malicious code in cmc-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a5a8b47acbc96bb3300d8a151d3e815bd1ed23b9ffa960bea03f4a2d2508ae4 Any computer that has this package installed or running should be considered...
MAL-2025-5629 Malicious code in cmc-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a5a8b47acbc96bb3300d8a151d3e815bd1ed23b9ffa960bea03f4a2d2508ae4 Any computer that has this package installed or running should be considered...
CVE-2024-13090 Privilege escalation in Guardian/CMC before 24.6.0
A privilege escalation vulnerability may enable a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that account. It is...
Privilege escalation in Guardian/CMC before 24.6.0
Summary A privilege escalation vulnerability may enable a service account to elevate its privileges. Impact The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as that...
CVE-2023-22378
A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the sorting parameter, allows an authenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application. Authenticated users may be able to extract arbitrary...
CVE-2020-25050
An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 software. The CMC service allows attackers to obtain sensitive information. The Samsung ID is SVE-2020-17288 August 2020...
CVE-2019-19393
The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.002 to V3.15.704 devices fails to sanitize user input on the system configurations page. This allows an attacker to backdoor the device with HTML and browser-interpreted content such as JavaScript or other client-side scripts as the...
CVE-2025-23746
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Edem CMC MIGRATE cmc-migrate allows Reflected XSS.This issue affects CMC MIGRATE: from n/a through = 0.0.3...
CVE-2025-23746
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Edem CMC MIGRATE cmc-migrate allows Reflected XSS.This issue affects CMC MIGRATE: from n/a through = 0.0.3...
CVE-2025-23746 WordPress CMC MIGRATE plugin <= 0.0.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Edem CMC MIGRATE cmc-migrate allows Reflected XSS.This issue affects CMC MIGRATE: from n/a through = 0.0.3...
CVE-2025-23746
CVE-2025-23746 is a reflected Cross‑Site Scripting issue in the CMC MIGRATE plugin for WordPress (NotFound) affecting versions up to 0.0.3. The connected Red Hat entry reiterates the description and target software (CMC MIGRATE) but does not provide concrete exploitation details or a published fi...
WordPress plugin CMC MIGRATE 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress CMC MIGRATE plugin <= 0.0.3 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin CMC MIGRATE versions = 0.0.3...
CVE-2024-47943
The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Processing Unit devices checks if the patch files are signed before executing the containing run.sh script. The signing process is kind of an HMAC with a long string as key which is hard-coded in the...
CVE-2024-47943 Improper signature verification of firmware upgrade files
The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Processing Unit devices checks if the patch files are signed before executing the containing run.sh script. The signing process is kind of an HMAC with a long string as key which is hard-coded in the...
CVE-2024-47943 Improper signature verification of firmware upgrade files
The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Processing Unit devices checks if the patch files are signed before executing the containing run.sh script. The signing process is kind of an HMAC with a long string as key which is hard-coded in the...
CVE-2024-47943
CVE-2024-47943 affects the Rittal IoT Interface & CMC III Processing Unit. The firmware upgrade feature does not properly verify patch signatures: the signing uses an HMAC-like mechanism with a hard-coded key, which is publicly available, allowing attackers to craft malicious signed .patch files ...
Rittal IoT Interface & CMC III Processing Unit 安全漏洞
The Rittal IoT Interface & CMC III Processing Unit is a key component of Rittal Germany's Smart Networking of Sensors for monitoring physical environmental conditions. A security vulnerability exists in the Rittal IoT Interface & CMC III Processing Unit prior to version 6.21.00.2, which stems fro...
Rittal IoT Interface & CMC III Processing Unit 安全漏洞
The Rittal IoT Interface & CMC III Processing Unit is a key component of Rittal Germany's Smart Networking of Sensors for monitoring physical environmental conditions. A security vulnerability exists in Rittal IoT Interface & CMC III Processing Unit versions prior to 6.21.00.2, which stems from a...