EUVD-2023-12417

Malicious code in bioql PyPI...

The vulnerability of the MODULYS GP (MOD3GP-SY-120K) web-based management application allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the MODULYS GP MOD3GP-SY-120K web-based management application relates to the insecure storage of confidential information. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the MODULYS GP (MOD3GP-SY-120K) module-based power supply management web application allows a attacker to perform arbitrary actions.

The vulnerability of the MODULYS GP MOD3GP-SY-120K web-based management application relates to its dependence on cookie files without any checks for their validity and integrity. Exploiting this vulnerability could allow an attacker to perform arbitrary actions remotely...

The vulnerability in the MODULYS GP (MOD3GP-SY-120K) module-based failover management web application allows attackers to execute attacks using cross-site scripting (XSS).

The vulnerability of the MODULYS GP MOD3GP-SY-120K web-based management application exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out attacks using cross-site scripting XSS...

The vulnerability of the MODULYS GP (MOD3GP-SY-120K) module-based power supply management web application allows a attacker to execute arbitrary code.

The vulnerability of the MODULYS GP MOD3GP-SY-120K module-based power supply management web application is related to incorrect code generation. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability in the MODULYS GP (MOD3GP-SY-120K) module-based failover management web application allows attackers to execute attacks using cross-site scripting (XSS).

The vulnerability of the MODULYS GP MOD3GP-SY-120K web-based management application exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out attacks using cross-site scripting XSS...

The vulnerability of the MODULYS GP (MOD3GP-SY-120K) module-based power supply management web application allows a attacker to perform arbitrary actions.

The vulnerability of the MODULYS GP MOD3GP-SY-120K web-based management application relates to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to perform arbitrary actions remotely...

Socomec MODULYS GP Security Vulnerability

The Socomec MODULYS GP is a green power device from Socomec France. A security vulnerability exists in the Socomec MODULYS GP that stems from incorrect session management in a web application, which could allow an attacker to steal a session cookie in order to perform a variety of actions allowed...

Socomec MODULYS GP Cross-Site Scripting Vulnerability

Socomec MODULYS GP is a green power supply device from Socomec France. The Socomec MODULYS GP suffers from a cross-site scripting vulnerability that can be exploited by anyone to inject cross-site scripts...

Socomec MODULYS GP Cross-Site Request Forgery Vulnerability

Socomec MODULYS GP is a green power device from Socomec, France. The Socomec MODULYS GP suffers from a cross-site request forgery vulnerability that stems from a weakness in a web application at the user administration level, which could allow an attacker to obtain the information required to...

PT-2023-5302 · Unknown · Modulys Gp

Name of the Vulnerable Software and Affected Versions: MODULYS GP MOD3GP-SY-120K affected versions not specified Description: The issue exists due to a lack of protection for the web page structure, allowing a remote attacker to perform cross-site scripting XSS attacks. This could enable an...

PT-2023-5300 · Unknown · Modulys Gp

Name of the Vulnerable Software and Affected Versions: MODULYS GP MOD3GP-SY-120K affected versions not specified Description: The absence of filters when loading some sections in the web application of the vulnerable device allows potential attackers to inject malicious code that will be...

PT-2023-5298 · Unknown · Modulys Gp

Name of the Vulnerable Software and Affected Versions: MODULYS GP MOD3GP-SY-120K affected versions not specified Description: The issue is related to the lack of security in the authentication process of the web application, allowing information to be obtained by sending specific requests. This i...

Information disclosure

SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information...

Socomec MODULYS GP 安全漏洞

Socomec MODULYS GP is a green power device from Socomec, a French company. A security vulnerability exists in Socomec MODULYS GP version 7.20 and prior versions, which stems from its lack of strong encryption of credentials on HTTP connections that could allow threat actors to obtain sensitive...

CVE-2023-0356

SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information...

CVE-2023-0356

SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information...

SOCOMEC MODULYS GP (UPDATE A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : SOCOMEC Equipment : MODULYS GP Vulnerability : Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain sensitive...

PT-2023-16208 · Socomec · Socomec Modulys Gp Netvision

Name of the Vulnerable Software and Affected Versions: SOCOMEC MODULYS GP Netvision versions 7.20 and prior Description: The issue is related to weak encryption for credentials on HTTP connections, which could allow threat actors to obtain sensitive information. Recommendations: For SOCOMEC MODUL...