23 matches found
CVE-2022-31324
An arbitrary file download vulnerability in the downloadAction function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request...
CVE-2022-35582
Penta Security Systems Inc WAPPLES 4.0., 5.0.0., 5.0.12. are vulnerable to Incorrect Access Control. The operating system that WAPPLES runs on has a built-in non-privileged user penta with a predefined password. The password for this user, as well as its existence, is not disclosed in the...
EUVD-2022-52865
Malicious code in bioql PyPI...
EUVD-2022-52866
Malicious code in bioql PyPI...
EUVD-2022-38468
Malicious code in bioql PyPI...
CVE-2022-35582
Penta Security Systems Inc WAPPLES 4.0., 5.0.0., 5.0.12. are vulnerable to Incorrect Access Control. The operating system that WAPPLES runs on has a built-in non-privileged user penta with a predefined password. The password for this user, as well as its existence, is not disclosed in the...
CVE-2022-31324
An arbitrary file download vulnerability in the downloadAction function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request...
CVE-2022-31324
An arbitrary file download vulnerability in the downloadAction function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request...
CVE-2022-31322
Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables...
CVE-2022-31324
An arbitrary file download vulnerability in the downloadAction function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request...
Code injection
Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables...
Arbitrary file deletion
An arbitrary file download vulnerability in the downloadAction function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request...
Design/Logic Flaw
Penta Security Systems Inc WAPPLES 4.0., 5.0.0., 5.0.12. are vulnerable to Incorrect Access Control. The operating system that WAPPLES runs on has a built-in non-privileged user penta with a predefined password. The password for this user, as well as its existence, is not disclosed in the...
CVE-2022-31322
Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables...
CVE-2022-31322
The CVE-2022-31322 entry affects Penta Security Systems’ WAPPLES, specifically version 6.0 r3 with 4.10-hotfix1. The vulnerability allows privilege escalation by overwriting files using SUID-enabled executables. Root cause and affected component: SUID flagged executables enabling local privilege ...
CVE-2022-31324
CVE-2022-31324 (WAPPLES) : A vulnerability in Penta Security Systems Inc WAPPLES (version 6.0 r3 4.10-hotfix1) within the downloadAction() function allows an attacker to download arbitrary files via a crafted POST request. This is stated across multiple sources (NVD, Red Hat advisory, CVE lists) ...
CVE-2022-31324
An arbitrary file download vulnerability in the downloadAction function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request...
CVE-2022-35582
Penta Security Systems Inc WAPPLES 4.0., 5.0.0., 5.0.12. are vulnerable to Incorrect Access Control. The operating system that WAPPLES runs on has a built-in non-privileged user penta with a predefined password. The password for this user, as well as its existence, is not disclosed in the...
CVE-2022-35582
CVE-2022-35582 pertains to Penta Security WAPPLES (versions 4.0., 5.0.0. , 5.0.12.*) with an Incorrect Access Control flaw: the OS includes a built-in non-privileged user named ‘penta’ with a predefined password, whose existence and credentials are not documented. This enables potential unauthori...
PT-2022-20686 · Penta Security Systems Inc · Wapples
Name of the Vulnerable Software and Affected Versions: Penta Security Systems Inc WAPPLES version 6.0 r3 4.10-hotfix1 Description: The issue allows attackers to escalate privileges via overwriting files using SUID flagged executables. Recommendations: For Penta Security Systems Inc WAPPLES versio...