34 matches found
EUVD-2024-47529
Malicious code in bioql PyPI...
EUVD-2024-47530
Malicious code in bioql PyPI...
EUVD-2024-47528
Malicious code in bioql PyPI...
EUVD-2024-47527
Malicious code in bioql PyPI...
MESbook server-side request forgery vulnerability
MESbook is a web-based system from MESbook Inc. connects to factory machines and converts data into information for real-time management. MESbook has a server-side request forgery vulnerability that can be exploited by an attacker to read the source code of a web file, read internal files or acce...
MESbook Specified Function Provisioning Error Vulnerability
MESbook is a web-based system from MESbook Inc. connects to factory machines and converts data into information for real-time management. MESbook has a Specified Function Provisioning Error vulnerability that can be exploited by an attacker to register a user account without authentication...
MESbook Resource Management Error Vulnerability
MESbook is a web-based system from MESbook Inc. connects to factory machines and converts data into information for real-time management. MESbook has a resource management error vulnerability that can be exploited by an attacker to cause resource consumption and disable the application...
MESbook Information Disclosure Vulnerability
MESbook is a web-based system from MESbook Inc. connects to factory machines and converts data into information for real-time management. MESbook has an information disclosure vulnerability that can be exploited by a local attacker to access different resources by changing the application's API...
CVE-2024-6427
Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An unauthenticated remote attacker can use the "message" parameter to inject a payload with dangerous JavaScript code, causing the application to loop requests on itself, which could lead to resource consumption and...
CVE-2024-6426
Information exposure vulnerability in MESbook 20221021.03 version, the exploitation of which could allow a local attacker, with user privileges, to access different resources by changing the API value of the application...
CVE-2024-6426
Information exposure vulnerability in MESbook 20221021.03 version, the exploitation of which could allow a local attacker, with user privileges, to access different resources by changing the API value of the application...
CVE-2024-6427
Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An unauthenticated remote attacker can use the "message" parameter to inject a payload with dangerous JavaScript code, causing the application to loop requests on itself, which could lead to resource consumption and...
CVE-2024-6427
MESbook is affected by CVE-2024-6427 via the message parameter in version 20221021.03, allowing an unauthenticated remote attacker to inject JavaScript payloads that cause the application to loop requests, leading to resource consumption and potential service disruption. Multiple connected source...
CVE-2024-6427 Uncontrolled Resource Consumption vulnerability in MESbook
Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An unauthenticated remote attacker can use the "message" parameter to inject a payload with dangerous JavaScript code, causing the application to loop requests on itself, which could lead to resource consumption and...
CVE-2024-6427 Uncontrolled Resource Consumption vulnerability in MESbook
Uncontrolled Resource Consumption vulnerability in MESbook 20221021.03 version. An unauthenticated remote attacker can use the "message" parameter to inject a payload with dangerous JavaScript code, causing the application to loop requests on itself, which could lead to resource consumption and...
CVE-2024-6426 Information exposure vulnerability vulnerability in MESbook
Information exposure vulnerability in MESbook 20221021.03 version, the exploitation of which could allow a local attacker, with user privileges, to access different resources by changing the API value of the application...
CVE-2024-6426 Information exposure vulnerability vulnerability in MESbook
Information exposure vulnerability in MESbook 20221021.03 version, the exploitation of which could allow a local attacker, with user privileges, to access different resources by changing the API value of the application...
CVE-2024-6426
Affected software: MESbook, version 20221021.03. Vulnerability: Information exposure via changing the application’s API value, allowing a local attacker with user privileges to access different resources. Root cause / vector: Modifying API values exposes resources that should be restricted. Impac...
MESbook 资源管理错误漏洞
MESbook is a web-based system from MESbook Inc. connects to factory machines and converts data into information for real-time management. MESbook has a resource management error vulnerability that can be exploited by an attacker to cause resource consumption and disable the application...
PT-2024-37619 · Mesbook · Mesbook
Name of the Vulnerable Software and Affected Versions: MESbook version 202221021.03 Description: The issue is related to an Uncontrolled Resource Consumption vulnerability. An unauthenticated remote attacker can use the message parameter to inject a payload with dangerous JavaScript code, causing...