83 matches found
CVE-2021-22811
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause script execution when the request of a privileged account accessing the vulnerable web page is intercepted. Affected Products: 1-Phase Uninterruptible Power Supply UP...
CVE-2021-22814
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists which could cause arbritrary script execution when a malicious file is read and displayed. Affected Products: 1-Phase Uninterruptible Power Supply UPS using NMC2 including Smart-UPS,...
CVE-2021-22812
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC. Affected Products: 1-Phase Uninterruptible Power...
CVE-2024-58310
The CVE-2024-58310 entry describes a path traversal vulnerability in the APC Network Management Card 4. Affected component is the device’s web interface, where manipulating URL parameters allows unauthenticated attackers to read sensitive files (e.g., /etc/passwd) via directory traversal techniqu...
CVE-2024-58310 APC Network Management Card 4 Path Traversal via Directory Traversal
APC Network Management Card 4 contains a path traversal vulnerability that allows unauthenticated attackers to access sensitive system files by manipulating URL parameters. Attackers can exploit directory traversal techniques to read critical system files like /etc/passwd by using encoded path...
APC Network Management Card 路径遍历漏洞
APC Network Management Card is an APC Network Management Card from APC. A path traversal vulnerability exists in APC Network Management Card, which stems from a path traversal in the URL parameter that could lead to reading sensitive system files...
EUVD-2018-18984
Malware in sbrugna...
EUVD-2018-18982
Malware in sbrugna...
EUVD-2018-18983
Malware in sbrugna...
EUVD-2021-9945
Malicious code in bioql PyPI...
EUVD-2023-58290
Malicious code in bioql PyPI...
EUVD-2021-9946
Malicious code in bioql PyPI...
EUVD-2021-9949
Malicious code in bioql PyPI...
EUVD-2021-9947
Malicious code in bioql PyPI...
EUVD-2021-9950
Malicious code in bioql PyPI...
CVE-2023-6032
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause a file system enumeration and file download when an attacker navigates to the Network Management Card via HTTPS...
CVE-2021-22815
A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting archive to be accessed. Affected Products: 1-Phase Uninterruptible Power Supply UPS using NMC2 including Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 NMC2: AP9630/AP9630CH/AP9630J,...
CVE-2018-7820
A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled...
CVE-2009-1797
Multiple cross-site request forgery CSRF vulnerabilities on the Network Management Card NMC on American Power Conversion APC Switched Rack PDU aka Rack Mount Power Distribution devices and other devices allow remote attackers to hijack the authentication of 1 administrator or 2 device users for...
CVE-2009-1798
Multiple cross-site scripting XSS vulnerabilities on the Network Management Card NMC on American Power Conversion APC Switched Rack PDU aka Rack Mount Power Distribution devices and other devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the...