13 matches found
CVE-2023-31702
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1...
CVE-2023-33730
Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format...
CVE-2023-33730
Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format...
CVE-2023-33730
Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format...
Privilege escalation
Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format...
CVE-2023-33730
The CVE-2023-33730 vulnerability affects Microworld Technologies eScan Management Console version 14.0.1400.2281, in the GetUserCurrentPwd function, allowing remote attackers to retrieve plaintext passwords for admins or users. The underlying issue enables privilege escalation and full account co...
Microworld Technologies eScan Management Console 安全漏洞
MicroWorld Technologies eScan Management Console is an electronic scanning management console from MicroWorld Technologies, Inc. A security vulnerability exists in Microworld Technologies eScan Management Console version 14.0.1400.2281, which originates in the GetUserCurrentPwd function that allo...
CVE-2023-33730
Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format...
PT-2023-24459 · Microworld Technologies · Escan Management Console
Name of the Vulnerable Software and Affected Versions: Microworld Technologies eScan Management Console version 14.0.1400.2281 Description: The issue allows any remote attacker to retrieve the password of any admin or normal user in plain text format through the GetUserCurrentPwd function...
Exploit for Cleartext Transmission of Sensitive Information in Escanav Escan_Management_Console
eScan Management Console 14.0.1400.2281 - Privilege Escalatio...
CVE-2023-31702
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1...
Sql injection
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1...
CVE-2023-31702
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1...