Lucene search
K

251 matches found

OSV
OSV
added 2022/11/30 2:15 p.m.4 views

CVE-2022-38803

Zkteco BioTime 8.5.3 Build:20200816.447 is vulnerable to Incorrect Access Control via Leave, overtime, Manual log. An authenticated employee can read local files by exploiting XSS into a pdf generator when exporting data as a PDF...

6.8CVSS5.8AI score0.00626EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/11/30 12:0 a.m.4 views

PT-2022-24576 · Zkteco · Zkteco Biotime

Name of the Vulnerable Software and Affected Versions: Zkteco BioTime versions prior to 8.5.3 Build:20200816.447 Description: The issue concerns Incorrect Access Control via Leave, overtime, Manual log. An authenticated employee can exploit XSS into a pdf generator when exporting data as a PDF to...

6.8CVSS6.3AI score0.00626EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/11/30 12:0 a.m.3 views

Zkteco BioTime 跨站脚本漏洞

Zkteco BioTime is a powerful web-based time and attendance management software from the Chinese company Zkteco. A security vulnerability exists in Zkteco BioTime versions prior to 8.5.4, which stems from vulnerability to incorrect access control, where an authenticated administrator can read a...

6.2CVSS6.4AI score0.00639EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/11/30 12:0 a.m.25 views

CVE-2022-38802

Zkteco BioTime 8.5.3 Build:20200816.447 is vulnerable to Incorrect Access Control via resign, private message, manual log, time interval, attshift, and holiday. An authenticated administrator can read local files by exploiting XSS into a pdf generator when exporting data as a PDF...

6AI score0.00639EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/11/30 12:0 a.m.9 views

CVE-2022-38802

Zkteco BioTime 8.5.3 Build:20200816.447 is vulnerable to Incorrect Access Control via resign, private message, manual log, time interval, attshift, and holiday. An authenticated administrator can read local files by exploiting XSS into a pdf generator when exporting data as a PDF...

5.9AI score0.00639EPSS
Exploits1References2
NVD
NVD
added 2022/11/06 5:15 p.m.15 views

CVE-2022-44544

Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript...

9.8CVSS0.00762EPSS
Exploits0References2
OSV
OSV
added 2022/11/06 5:15 p.m.9 views

CVE-2022-44544

Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript...

9.8CVSS6.9AI score
Exploits0References2
Prion
Prion
added 2022/11/06 5:15 p.m.15 views

Design/Logic Flaw

Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript...

7.5CVSS9.3AI score0.00762EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/11/06 12:0 a.m.4 views

Mahara 安全漏洞

Mahara is a free open source web-based ePortfolio management system from Mahara. A security vulnerability exists in Mahara version 21.04 up to and including version 21.04.7, version 21.10 up to and including version 21.10.5, version 22.04 up to and including version 22.04.3, and version 22.10.0,...

9.8CVSS8.2AI score0.00762EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/11/06 12:0 a.m.22 views

CVE-2022-44544

Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript...

9.7AI score0.00762EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/06 12:0 a.m.7 views

CVE-2022-44544

Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0 potentially allow a PDF export to trigger a remote shell if the site is running on Ubuntu and the flag -dSAFER is not set with Ghostscript...

9.4AI score0.00762EPSS
Exploits0References2
CVE
CVE
added 2022/11/06 12:0 a.m.86 views

CVE-2022-44544

CVE-2022-44544 affects Mahara versions: 21.04 up to 21.04.7, 21.10 up to 21.10.5, 22.04 up to 22.04.3, and 22.10 up to 22.10.0. The vulnerability stems from the PDF export function lacking sufficient protection, potentially allowing a remote shell if Ghostscript runs on Ubuntu without -dSAFER. Af...

9.8CVSS9.4AI score0.00762EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/06/22 12:0 a.m.6 views

PT-2022-6323 · Canonical · Ubuntu

Name of the Vulnerable Software and Affected Versions: Mahara versions 21.04 through 21.04.6 Mahara versions 21.10 through 21.10.4 Mahara versions 22.04 through 22.04.2 Mahara version 22.10.0 Description: The vulnerability exists due to the lack of protection of the web page structure in the PDF...

10CVSS9.3AI score0.00762EPSS
Exploits0References8
NVD
NVD
added 2022/04/07 8:15 p.m.17 views

CVE-2021-36202

Server-Side Request Forgery SSRF vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to 11.0....

8.8CVSS0.0078EPSS
Exploits0References2
Prion
Prion
added 2022/04/07 8:15 p.m.10 views

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to 11.0....

6.5CVSS8.5AI score0.0078EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2022/04/07 7:12 p.m.106 views

CVE-2021-36202

CVE-2021-36202 describes a Server-Side Request Forgery (SSRF) in Johnson Controls Metasys’ MUI PDF export feature. An authenticated attacker could inject malicious code via this export path. Affected products are Metasys ADS/ADX/OAS versions prior to 10.1.5 and versions prior to 11.0.2. Mitigatio...

8.8CVSS8.6AI score0.0078EPSS
Exploits0References2Affected Software3
Cvelist
Cvelist
added 2022/04/07 7:12 p.m.22 views

CVE-2021-36202 Metasys UI

Server-Side Request Forgery SSRF vulnerability in Johnson Controls Metasys could allow an authenticated attacker to inject malicious code into the MUI PDF export feature. This issue affects: Johnson Controls Metasys All 10 versions versions prior to 10.1.5; All 11 versions versions prior to 11.0....

8.4CVSS8.8AI score0.0078EPSS
Exploits0References2
ICS
ICS
added 2022/04/05 12:0 a.m.68 views

Johnson Controls Metasys

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: Metasys Vulnerability: Server-side Request Forgery 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to inject...

8.8CVSS8.9AI score0.0078EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/03/21 12:0 a.m.2 views

Johnson Controls Metasys system 代码问题漏洞

The Johnson Controls Metasys system is a building automation system from Johnson Controls. A code issue exists in Johnson Controls Metasys ADS/ADX/OAS 10-series servers prior to version 10.1.5 and 11-series servers prior to version 11.0.2 in regards to MUI PDF. An authenticated attacker can injec...

8.8CVSS8.1AI score0.0078EPSS
Exploits0References5
NVD
NVD
added 2021/11/02 10:15 p.m.11 views

CVE-2021-43266

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exporting collections via PDF export could lead to code execution via shell metacharacters in a collection name. Additional, in Mahara before 20.10.4, 21.04.3, and 21.10.1, exporting collections via PDF export could cause code execution...

7.3CVSS0.01284EPSS
Exploits1References4
Rows per page
Query Builder