Lucene search
K

2125 matches found

BDU FSTEC
BDU FSTEC
added 2023/05/24 12:0 a.m.6 views

The vulnerability of the control panel of the microprogrammed software for DVR devices TBK DVR4104 and TBK DVR4216 allows intruders to bypass security restrictions and gain unauthorized access to protected information.

The vulnerability of the control panel of the microprogrammed software for TBK DVR devices, TBK DVR4104 and TBK DVR4216, lies in the lack of measures to neutralize special elements during the processing of the Cookie header: uid=admin. Exploiting this vulnerability allows a remote attacker to...

10CVSS7.8AI score0.83151EPSS
Exploits13References9
OSV
OSV
added 2023/05/22 7:15 p.m.2 views

CVE-2023-28467

In MyBB before 1.8.34, there is XSS in the User CP module via the user email field...

6.1CVSS5.8AI score0.0051EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/05/22 7:15 p.m.6 views

CVE-2023-28467

In MyBB before 1.8.34, there is XSS in the User CP module via the user email field...

6.1CVSS5.9AI score0.0051EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/05/22 12:0 a.m.2 views

MyBB 跨站脚本漏洞

MyBB MyBulletinBoard is a free and web-based forum software developed by MYBB team using PHP and MySQL. The software is easy to use, supports multiple languages, scalable and other features. A security vulnerability exists in MyBB versions prior to 1.8.34, which stems from a cross-site scripting...

6.1CVSS5.9AI score0.0051EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/05/22 12:0 a.m.5 views

PT-2023-21737 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB versions prior to 1.8.34 Description: The issue concerns a cross-site scripting XSS flaw in the User CP module, specifically via the user email field. This allows for potential malicious script execution. Recommendations: For versions...

6.1CVSS6.1AI score0.0051EPSS
Exploits0References9
NVD
NVD
added 2023/04/14 3:15 p.m.20 views

CVE-2023-30459

SmartPTT SCADA 1.1.0.0 allows remote code execution when the attacker has administrator privileges by writing a malicious C script and executing it on the server via server settings in the administrator control panel on port 8101, by default...

7.2CVSS7.4AI score0.02106EPSS
Exploits2References2
Prion
Prion
added 2023/04/14 3:15 p.m.19 views

Design/Logic Flaw

SmartPTT SCADA 1.1.0.0 allows remote code execution when the attacker has administrator privileges by writing a malicious C script and executing it on the server via server settings in the administrator control panel on port 8101, by default...

5.8CVSS7.3AI score0.02106EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2023/04/14 12:0 a.m.63 views

CVE-2023-30459

CVE-2023-30459 affects SmartPTT SCADA 1.1.0.0. The vulnerability enables remote code execution by writing a malicious C# script and executing it on the server via the administrator control panel (port 8101 by default) when the attacker has administrator privileges. This is supported by multiple c...

7.2CVSS7.4AI score0.02106EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2023/04/14 12:0 a.m.25 views

CVE-2023-30459

SmartPTT SCADA 1.1.0.0 allows remote code execution when the attacker has administrator privileges by writing a malicious C script and executing it on the server via server settings in the administrator control panel on port 8101, by default...

7.6AI score0.02106EPSS
Exploits2References2
GithubExploit
GithubExploit
added 2023/04/11 11:11 a.m.406 views

Exploit for CVE-2023-30459

CVE-2023-30459 SmartPTT SCADA 1.1.0.0 allows remote code execu...

7.2CVSS7.4AI score0.02106EPSS
Exploits2
Kaspersky
Kaspersky
added 2023/04/11 12:0 a.m.208 views

KLA48845 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information, spoof user interface, bypass security restrictions. Below is a complete list of...

9.8CVSS9.9AI score0.95454EPSS
Exploits22References100
Kaspersky
Kaspersky
added 2023/04/11 12:0 a.m.32 views

KLA48838 Multiple vulnerabilities in Microsoft Dynamics

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to spoof user interface. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS vulnerability Microsoft Dynamics 365 Customer Voice can be exploited remotely to spoof...

7.6CVSS6.1AI score0.00748EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/04/11 12:0 a.m.3 views

PT-2023-21948 · Siemens · Siprotec 5

Name of the Vulnerable Software and Affected Versions: SIPROTEC 5 6MD85 CP300 versions 7.80 through 9.40 SIPROTEC 5 6MD86 CP300 versions 7.80 through 9.40 SIPROTEC 5 6MD89 CP300 versions 7.80 through 9.64 SIPROTEC 5 6MU85 CP300 versions 7.80 through 9.40 SIPROTEC 5 7KE85 CP300 versions 7.80 throu...

7.5CVSS7.5AI score0.00935EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/03/27 12:0 a.m.7 views

The vulnerability of the control panel for servers and cloud services, CloudPanel, arises from the use of a rigidly encrypted cryptographic key for the SSL certificate. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the control panel for servers and cloud services like CloudPanel lies in the use of a strictly encrypted cryptographic key for the SSL certificate. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

7.5CVSS7.5AI score0.00599EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/27 12:0 a.m.5 views

The vulnerability of the central control module of the Rittal CMC III system, due to deficiencies in access control, allows unauthorized access by intruders to protected information and enhances their privileges.

The vulnerability of the central control block of the Rittal CMC III system is related to deficiencies in access control. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information and enhance their privileges by cloning the access card used to open...

4.8CVSS5.5AI score0.00261EPSS
Exploits0References3
Fedora
Fedora
added 2023/02/25 3:47 a.m.11 views

[SECURITY] Fedora 37 Update: plasma-firewall-5.27.1-1.fc37

Control Panel for your system firewall...

2.1AI score
Exploits0
OSV
OSV
added 2023/02/15 7:15 p.m.3 views

CVE-2023-23464

Media CP Media Control Panel latest version. A Permissive Flash Cross-domain Policy may allow information disclosure...

7.5CVSS7.1AI score0.00482EPSS
Exploits0References1
OSV
OSV
added 2023/02/15 7:15 p.m.1 views

CVE-2023-23465

Media CP Media Control Panel latest version. CSRF possible through unspecified endpoint...

8.8CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2023/02/15 7:15 p.m.3 views

CVE-2023-23467

Media CP Media Control Panel latest version. Reflected XSS possible through unspecified endpoint...

6.1CVSS6.4AI score0.00379EPSS
Exploits0References1
NVD
NVD
added 2023/02/15 7:15 p.m.13 views

CVE-2023-23466

Media CP Media Control Panel latest version. Insufficiently protected credential change...

7.5CVSS6.7AI score0.00411EPSS
Exploits0References1
Rows per page
Query Builder