154 matches found
Carlo Gavazzi SmartHouse Webapp 安全漏洞
Carlo Gavazzi SmartHouse Webapp is a software platform for remote management of smart home devices from Carlo Gavazzi, USA. A security vulnerability exists in Carlo Gavazzi SmartHouse Webapp version 6.5.33, which stems from the presence of multiple cross-site request forgery and cross-site...
EUVD-2017-11178
Malware in sbrugna...
EUVD-2012-6283
Malware in sbrugna...
EUVD-2017-14254
Malware in sbrugna...
EUVD-2017-14253
Malware in sbrugna...
EUVD-2022-27672
Malicious code in bioql PyPI...
EUVD-2022-27671
Malicious code in bioql PyPI...
EUVD-2022-27668
Malicious code in bioql PyPI...
EUVD-2022-33254
Malicious code in bioql PyPI...
EUVD-2022-33250
Malicious code in bioql PyPI...
EUVD-2022-33253
Malicious code in bioql PyPI...
EUVD-2022-33249
Malicious code in bioql PyPI...
EUVD-2022-33251
Malicious code in bioql PyPI...
EUVD-2022-27669
Malicious code in bioql PyPI...
EUVD-2022-27670
Malicious code in bioql PyPI...
CVE-2022-28816
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy is prone to reflected XSS which only affects the Sentilo service...
CVE-2022-28815
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy server was discovered to contain a SQL injection vulnerability allowing an attacker to query other tables of the Sentilo service...
CVE-2012-6428
The Carlo Gavazzi EOS-Box stores hard-coded passwords in the PHP file of the device. By using the hard-coded passwords, attackers can log into the device with administrative privileges. This could allow the attacker to have unauthorized access...
CVE-2012-6427
The Carlo Gavazzi EOS-Box does not check the validity of the data before executing queries. By accessing the SQL table of certain pages that do not require authentication, attackers can leak information from the device. This could allow the attacker to compromise confidentiality...
CVE-2022-28814
Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered to be vulnerable to a relative path traversal vulnerability which enables remote attackers to read arbitrary files and gain full control of the device...