Lucene search
+L

55 matches found

NVD
NVD
added 2023/10/17 1:15 p.m.21 views

CVE-2023-43777

Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored...

6.5CVSS6.1AI score0.00278EPSS
Exploits0References1
OSV
OSV
added 2023/10/17 1:15 p.m.3 views

CVE-2023-43777

Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored...

6.5CVSS5.8AI score0.00278EPSS
Exploits0References1
Prion
Prion
added 2023/10/17 1:15 p.m.24 views

Design/Logic Flaw

Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored...

4CVSS6.5AI score0.00278EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/10/17 12:49 p.m.43 views

CVE-2023-43777

CVE-2023-43777 affects Eaton easySoft software used to program easy controllers and displays. The root issue is insecure storage of the project password, which could be retrieved by skilled adversaries, leading to potential unauthorized access to protected files. Documents confirm the password pr...

6.5CVSS6.1AI score0.00278EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/17 12:49 p.m.35 views

CVE-2023-43777 Insecure storage of password in easySoft

Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored...

5.9CVSS6.7AI score0.00278EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/17 12:49 p.m.12 views

CVE-2023-43777 Insecure storage of password in easySoft

Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored...

5.9CVSS6.8AI score0.00278EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/17 12:0 a.m.6 views

Eaton easySoft Security Breach

Eaton Easysoft is a programming application for industrial applications from Eaton Corporation. The software is used for use in programming Easy controllers and displays, where circuit diagrams can be edited and displayed in a format. A security vulnerability exists in Eaton easySoft that stems...

6.5CVSS6.8AI score0.00278EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/17 12:0 a.m.8 views

PT-2023-28978 · Eaton · Eaton Easysoft

Name of the Vulnerable Software and Affected Versions: Eaton easySoft affected versions not specified Description: The Eaton easySoft software has a password protection functionality to secure project files from unauthorized access. However, the password was being stored insecurely, allowing...

6.5CVSS6.8AI score0.00278EPSS
Exploits0References7
NVD
NVD
added 2023/06/20 3:15 p.m.17 views

CVE-2020-21268

Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter...

6.1CVSS6.4AI score0.00565EPSS
Exploits1References1
OSV
OSV
added 2023/06/20 3:15 p.m.18 views

CVE-2020-21268

Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter...

6.1CVSS7.5AI score
Exploits0References1
Prion
Prion
added 2023/06/20 3:15 p.m.16 views

Cross site scripting

Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter...

5.8CVSS6.4AI score0.00565EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2023/06/20 12:0 a.m.44 views

CVE-2020-21268

The CVE-2020-21268 entry concerns EasySoft ZenTao v11.6.4 with a Cross Site Scripting vulnerability in the lastComment parameter that can enable a remote attacker to execute arbitrary code. Affected component: ZenTao/lastComment handling. Root cause details are not explicitly provided in the conn...

6.1CVSS6.4AI score0.00565EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/06/20 12:0 a.m.21 views

CVE-2020-21268

Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter...

6.4AI score0.00565EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/06/20 12:0 a.m.7 views

CVE-2020-21268

Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter...

7.3AI score0.00565EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/06/20 12:0 a.m.4 views

PT-2023-11581 · Easysoft · Easysoft Zentao

Name of the Vulnerable Software and Affected Versions: EasySoft ZenTao version 11.6.4 Description: The issue allows a remote attacker to execute arbitrary code via the lastComment parameter, which is related to a Cross Site Scripting vulnerability. Recommendations: For EasySoft ZenTao version...

6.1CVSS7.4AI score0.00565EPSS
Exploits1References5
Huntr
Huntr
added 2021/07/28 6:47 p.m.7 views

Cross-Site Request Forgery (CSRF) in easysoft/zentaopms

✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...

0.8AI score
Exploits0
CNVD
CNVD
added 2021/03/31 12:0 a.m.1 views

SQL Injection Vulnerability in Business Control System of Taiyuan ECS Software Technology Co.

Ltd. is an Internet software development and system integration enterprise relying on Internet information and Internet of Things IoT technology to provide enterprises with complete smart factory solutions. There is a SQL injection vulnerability in the business control system of Taiyuan Easysoft...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/01/13 12:0 a.m.7 views

Eaton Easysoft Input Validation Error Vulnerability

Eaton Easysoft is a programming application for industrial applications from Eaton Corporation. The software is used to program Easy controllers and displays, and the wiring diagrams can be edited and displayed in a format. A security vulnerability exists in Eaton easySoft software v7.20 and prio...

7.8CVSS7.3AI score0.02654EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/09 12:0 a.m.5 views

Eaton Easysoft Denial of Service Vulnerability

Eaton Easysoft is a programming application for industrial applications from Eaton Corporation. The software is used to program Easy controllers and displays, and the wiring diagrams can be edited and displayed in a format. A denial of service vulnerability exists in Eaton easySoft software versi...

7.8CVSS7.2AI score0.02706EPSS
Exploits0References1
OSV
OSV
added 2021/01/07 6:15 p.m.3 views

CVE-2020-6656

Eaton's easySoft software v7.xx prior to v7.22 are susceptible to file parsing type confusion remote code execution vulnerability. A malicious entity can execute a malicious code or make the application crash by tricking user upload a malformed .E70 file in the application. The vulnerability aris...

7.8CVSS7.7AI score0.02706EPSS
Exploits0References5
Rows per page
Query Builder