Lucene search
K

1284 matches found

CVE
CVE
added 2024/08/14 12:0 a.m.56 views

CVE-2024-7753

SourceCodester Clinics Patient Management System 1.0 contains a vulnerability in the /user_images/ path that can be triggered remotely via an unauthorized direct request. The issue affects unknown code in that file, and the exploit has been disclosed publicly. CVSS context in the record indicates...

7.5CVSS5.5AI score0.00884EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/13 12:0 a.m.6 views

PT-2024-38561 · Sourcecodester · Sourcecodester Clinics Patient Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Clinics Patient Management System version 1.0 Description: A vulnerability was found in the system, declared as problematic, affecting unknown code of the file /user images/. The manipulation leads to direct request. The attack...

7.5CVSS5.8AI score0.00884EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/08/01 12:0 a.m.5 views

PT-2024-5764 · Vonets · Vonets Wifi Bridge Repeaters +1

Name of the Vulnerable Software and Affected Versions: Vonets industrial wifi bridge relays and wifi bridge repeaters versions 3.3.23.6.9 and prior Description: The issue is related to an improper authentication mechanism in the software, allowing an unauthenticated remote attacker to bypass...

9.8CVSS7.4AI score0.00683EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2024/07/27 10:0 p.m.14 views

CVE-2024-7153 Netgear WN604 siteSurvey.php direct request

A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719. Affected is an unknown function of the file siteSurvey.php. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be use...

6.9CVSS6.8AI score0.00493EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/07/27 10:0 p.m.45 views

CVE-2024-7153 Netgear WN604 siteSurvey.php direct request

A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719. Affected is an unknown function of the file siteSurvey.php. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be use...

6.9CVSS0.00493EPSS
Exploits0References4
NVD
NVD
added 2024/07/24 8:15 p.m.27 views

CVE-2024-7080

A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /E-Insurance/. The manipulation leads to direct request. The attack can be launched remotely. The exploit has be...

7.5CVSS0.01036EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/07/24 8:0 p.m.15 views

CVE-2024-7080 SourceCodester Insurance Management System direct request

A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /E-Insurance/. The manipulation leads to direct request. The attack can be launched remotely. The exploit has be...

6.9CVSS6.9AI score0.01036EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/07/24 8:0 p.m.26 views

CVE-2024-7080 SourceCodester Insurance Management System direct request

A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /E-Insurance/. The manipulation leads to direct request. The attack can be launched remotely. The exploit has be...

6.9CVSS0.01036EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/06/30 12:0 a.m.5 views

Parsec Automation TrakSYS Security Vulnerability

Parsec Automation TrakSYS is an MES solution from Parsec Automation, USA. A security vulnerability exists in Parsec Automation TrakSYS version 11.x.x, which stems from the parameter ID of the file TS/export/contentpage leading to a direct request...

6.9CVSS6.8AI score0.00593EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/06/20 1:31 p.m.41 views

CVE-2024-6188 Parsec Automation TrackSYS pagedefinition direct request

A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request. The attack may be initiated remotely. The exploit has been...

6.9CVSS0.02053EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/06/20 1:31 p.m.14 views

CVE-2024-6188 Parsec Automation TrackSYS pagedefinition direct request

A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request. The attack may be initiated remotely. The exploit has been...

6.9CVSS7AI score0.02053EPSS
Exploits0References4
CVE
CVE
added 2024/06/20 1:31 p.m.65 views

CVE-2024-6188

CVE-2024-6188 affects Parsec Automation TrackSYS 11.x.x. The issue involves processing of the file /TS/export/pagedefinition where manipulation of an argument ID leads to a direct request, allowing a remote attack. Public exploit information is present in the sources and a number of feeds referen...

6.9CVSS5.3AI score0.02053EPSS
In wildExploits0References4
OSV
OSV
added 2024/03/05 12:15 p.m.6 views

CVE-2023-45596

A CWE-425 “Direct Request 'Forced Browsing'” vulnerability in the “fileconfiguration” functionality of the web application allows a remote unauthenticated attacker to access confidential configuration files. This issue affects: AiLux imx6 bundle below version imx61.0.7-2...

5.3CVSS5.8AI score0.00487EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.4 views

PT-2024-13262 · Unknown · Ailux Imx6 Bundle

Name of the Vulnerable Software and Affected Versions: AiLux imx6 bundle versions prior to imx6 1.0.7-2 Description: A vulnerability in the "measure" functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. The issue is related to a...

5.3CVSS7.3AI score0.00487EPSS
Exploits0References8
OSV
OSV
added 2023/10/26 3:31 p.m.13 views

CVE-2023-5786 GeoServer GeoWebCache rest.html direct request

A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as problematic. This vulnerability affects unknown code of the file /geoserver/gwc/rest.html. The manipulation leads to direct request. The attack can be initiated remotely. The exploit has been disclosed to the...

5.3CVSS5.3AI score0.00844EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/10/26 3:31 p.m.29 views

CVE-2023-5786 GeoServer GeoWebCache rest.html direct request

A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as problematic. This vulnerability affects unknown code of the file /geoserver/gwc/rest.html. The manipulation leads to direct request. The attack can be initiated remotely. The exploit has been disclosed to the...

5.3CVSS9AI score0.00844EPSS
Exploits1References3
NVD
NVD
added 2023/10/23 1:15 a.m.22 views

CVE-2023-5702

A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The identifier of th...

6.5CVSS5.6AI score0.14537EPSS
Exploits3References3
Prion
Prion
added 2023/10/23 1:15 a.m.18 views

Design/Logic Flaw

A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The identifier of th...

3.3CVSS6.5AI score0.14537EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2023/10/23 12:31 a.m.30 views

CVE-2023-5702 Viessmann Vitogate 300 direct request

A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The identifier of th...

4.3CVSS8.2AI score0.14537EPSS
Exploits3References3
CVE
CVE
added 2023/10/23 12:31 a.m.168 views

CVE-2023-5702

CVE-2023-5702 affects Viessmann Vitogate 300 up to version 2.1.3.0. A vulnerability in an unspecified function of the /cgi-bin/ path allows a direct request that can be leveraged by an attacker; public exploit/PoC information exists (e.g., exploitation described in exploitDB). Red Hat and ICS adv...

6.5CVSS6.8AI score0.14537EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder