55 matches found
CVE-2023-43777
Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored...
CVE-2023-43777
Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored...
Design/Logic Flaw
Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored...
CVE-2023-43777
CVE-2023-43777 affects Eaton easySoft software used to program easy controllers and displays. The root issue is insecure storage of the project password, which could be retrieved by skilled adversaries, leading to potential unauthorized access to protected files. Documents confirm the password pr...
CVE-2023-43777 Insecure storage of password in easySoft
Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored...
CVE-2023-43777 Insecure storage of password in easySoft
Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored...
Eaton easySoft Security Breach
Eaton Easysoft is a programming application for industrial applications from Eaton Corporation. The software is used for use in programming Easy controllers and displays, where circuit diagrams can be edited and displayed in a format. A security vulnerability exists in Eaton easySoft that stems...
PT-2023-28978 · Eaton · Eaton Easysoft
Name of the Vulnerable Software and Affected Versions: Eaton easySoft affected versions not specified Description: The Eaton easySoft software has a password protection functionality to secure project files from unauthorized access. However, the password was being stored insecurely, allowing...
CVE-2020-21268
Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter...
CVE-2020-21268
Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter...
Cross site scripting
Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter...
CVE-2020-21268
The CVE-2020-21268 entry concerns EasySoft ZenTao v11.6.4 with a Cross Site Scripting vulnerability in the lastComment parameter that can enable a remote attacker to execute arbitrary code. Affected component: ZenTao/lastComment handling. Root cause details are not explicitly provided in the conn...
CVE-2020-21268
Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter...
CVE-2020-21268
Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter...
PT-2023-11581 · Easysoft · Easysoft Zentao
Name of the Vulnerable Software and Affected Versions: EasySoft ZenTao version 11.6.4 Description: The issue allows a remote attacker to execute arbitrary code via the lastComment parameter, which is related to a Cross Site Scripting vulnerability. Recommendations: For EasySoft ZenTao version...
Cross-Site Request Forgery (CSRF) in easysoft/zentaopms
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...
SQL Injection Vulnerability in Business Control System of Taiyuan ECS Software Technology Co.
Ltd. is an Internet software development and system integration enterprise relying on Internet information and Internet of Things IoT technology to provide enterprises with complete smart factory solutions. There is a SQL injection vulnerability in the business control system of Taiyuan Easysoft...
Eaton Easysoft Input Validation Error Vulnerability
Eaton Easysoft is a programming application for industrial applications from Eaton Corporation. The software is used to program Easy controllers and displays, and the wiring diagrams can be edited and displayed in a format. A security vulnerability exists in Eaton easySoft software v7.20 and prio...
Eaton Easysoft Denial of Service Vulnerability
Eaton Easysoft is a programming application for industrial applications from Eaton Corporation. The software is used to program Easy controllers and displays, and the wiring diagrams can be edited and displayed in a format. A denial of service vulnerability exists in Eaton easySoft software versi...
CVE-2020-6656
Eaton's easySoft software v7.xx prior to v7.22 are susceptible to file parsing type confusion remote code execution vulnerability. A malicious entity can execute a malicious code or make the application crash by tricking user upload a malformed .E70 file in the application. The vulnerability aris...