20 matches found
EUVD-2023-12417
Malicious code in bioql PyPI...
Socomec MODULYS GP Security Vulnerability
The Socomec MODULYS GP is a green power device from Socomec France. A security vulnerability exists in the Socomec MODULYS GP that stems from incorrect session management in a web application, which could allow an attacker to steal a session cookie in order to perform a variety of actions allowed...
Socomec MODULYS GP Security Vulnerability
The Socomec MODULYS GP is a green power device from Socomec France. A security vulnerability exists in the Socomec MODULYS GP that stems from incorrect session management in a web application that allows remote access to credentials...
Socomec MODULYS GP Security Vulnerability
The Socomec MODULYS GP is a green power device from Socomec France. A security vulnerability exists in the Socomec MODULYS GP that stems from a lack of security in the authentication process, where information can be obtained by sending a number of requests in the web application of a vulnerable...
Socomec MODULYS GP Cross-Site Scripting Vulnerability
Socomec MODULYS GP is a green power supply device from Socomec France. The Socomec MODULYS GP suffers from a cross-site scripting vulnerability that can be exploited by anyone to inject cross-site scripts...
Socomec MODULYS GP Cross-Site Request Forgery Vulnerability
Socomec MODULYS GP is a green power device from Socomec, France. The Socomec MODULYS GP suffers from a cross-site request forgery vulnerability that stems from a weakness in a web application at the user administration level, which could allow an attacker to obtain the information required to...
Socomec MODULYS GP Code Injection Vulnerability
Socomec MODULYS GP is a green power supply device from Socomec France. The Socomec MODULYS GP suffers from a code injection vulnerability that stems from a lack of filters and can execute injected malicious code when accessed by a legitimate user...
PT-2023-5300 · Unknown · Modulys Gp
Name of the Vulnerable Software and Affected Versions: MODULYS GP MOD3GP-SY-120K affected versions not specified Description: The absence of filters when loading some sections in the web application of the vulnerable device allows potential attackers to inject malicious code that will be...
PT-2023-5302 · Unknown · Modulys Gp
Name of the Vulnerable Software and Affected Versions: MODULYS GP MOD3GP-SY-120K affected versions not specified Description: The issue exists due to a lack of protection for the web page structure, allowing a remote attacker to perform cross-site scripting XSS attacks. This could enable an...
PT-2023-5299 · Unknown · Modulys Gp
Name of the Vulnerable Software and Affected Versions: MODULYS GP MOD3GP-SY-120K affected versions not specified Description: The issue is related to incorrect session management within the web application, allowing attackers to steal session cookies and perform various actions on the device. Thi...
PT-2023-5298 · Unknown · Modulys Gp
Name of the Vulnerable Software and Affected Versions: MODULYS GP MOD3GP-SY-120K affected versions not specified Description: The issue is related to the lack of security in the authentication process of the web application, allowing information to be obtained by sending specific requests. This i...
CVE-2023-0356
SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information...
CVE-2023-0356
SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information...
Information disclosure
SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information...
Socomec MODULYS GP 安全漏洞
Socomec MODULYS GP is a green power device from Socomec, a French company. A security vulnerability exists in Socomec MODULYS GP version 7.20 and prior versions, which stems from its lack of strong encryption of credentials on HTTP connections that could allow threat actors to obtain sensitive...
CVE-2023-0356
SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information...
CVE-2023-0356
SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information...
CVE-2023-0356
CVE-2023-0356 affects SOCOMEC MODULYS GP Netvision firmware (versions up to 7.20). Root cause: weak encoding of credentials over HTTP connections (CWE-261), enabling potential disclosure of sensitive information. Affected product: MODULYS GP Netvision; vulnerability details are consistent across ...
SOCOMEC MODULYS GP (UPDATE A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : SOCOMEC Equipment : MODULYS GP Vulnerability : Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain sensitive...
PT-2023-16208 · Socomec · Socomec Modulys Gp Netvision
Name of the Vulnerable Software and Affected Versions: SOCOMEC MODULYS GP Netvision versions 7.20 and prior Description: The issue is related to weak encryption for credentials on HTTP connections, which could allow threat actors to obtain sensitive information. Recommendations: For SOCOMEC MODUL...