239 matches found
Cyber Power Systems PowerPanel Enterprise 安全漏洞
Cyber Power Systems PowerPanel Enterprise is a software program from Cyber Power Systems designed to provide real-time PUE, PUE trends, and total energy use trends. A security vulnerability exists in Cyber Power Systems PowerPanel Enterprise prior to version v2.8.3 that stems from an SQL injectio...
Cyber Power Systems PowerPanel Enterprise 安全漏洞
Cyber Power Systems PowerPanel Enterprise is a software program from Cyber Power Systems designed to provide real-time PUE, PUE trends, and total energy use trends. A security vulnerability exists in Cyber Power Systems PowerPanel Enterprise prior to version v2.8.3 that stems from an SQL injectio...
CVE-2024-32739 CyberPower PowerPanel Enterprise SQL Injection
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryptaskverbose" function within MCUDBHelper...
CVE-2024-32739
A concrete SQL injection vulnerability (CVE-2024-32739) affects CyberPower PowerPanel Enterprise prior to v2.8.3. The flaw resides in the MCUDBHelper’s query_ptask_verbose function, enabling an unauthenticated remote attacker to leak sensitive information. Affected software: CyberPower PowerPanel...
CVE-2024-32739 CyberPower PowerPanel Enterprise SQL Injection
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryptaskverbose" function within MCUDBHelper...
CVE-2024-32738
CyperPower PowerPanel Enterprise is affected by a SQL injection in the MCUDBHelper’s query_ptask_lean function, prior to version 2.8.3. The vulnerability allows an unauthenticated remote attacker to leak sensitive information (CWE-89 style flaw in the SQL query construction) with network access. ...
CVE-2024-32738 CyberPower PowerPanel Enterprise SQL Injection
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryptasklean" function within MCUDBHelper...
CVE-2024-32738 CyberPower PowerPanel Enterprise SQL Injection
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryptasklean" function within MCUDBHelper...
CVE-2024-32737
CyberPower PowerPanel Enterprise
CVE-2024-32737 CyberPower PowerPanel Enterprise SQL Injection
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "querycontractresult" function within MCUDBHelper...
CVE-2024-32737 CyberPower PowerPanel Enterprise SQL Injection
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "querycontractresult" function within MCUDBHelper...
CVE-2024-32736 CyberPower PowerPanel Enterprise SQL Injection
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryutaskverbose" function within MCUDBHelper...
CVE-2024-32736 CyberPower PowerPanel Enterprise SQL Injection
A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can leak sensitive information via the "queryutaskverbose" function within MCUDBHelper...
CVE-2024-32736
CVE-2024-32736 affects CyberPower PowerPanel Enterprise prior to v2.8.3. The vulnerability is an SQL injection in the MCUDBHelper’s query_utask_verbose function that can be exploited by an unauthenticated remote attacker to leak sensitive information. The CVSS 3.1 base score is 7.5 (HIGH), with n...
CVE-2024-32735
CVE-2024-32735 affects CyberPower PowerPanel Enterprise prior to v2.8.3, where a missing authentication flaw grants an unauthenticated remote attacker access to the PDNU REST APIs, potentially compromising the application. This is corroborated by multiple sources (NVD, Red Hat, Nuclei template, a...
CVE-2024-32735 CyberPower PowerPanel Enterprise Missing Authentication
An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can access the PDNU REST APIs, which may result in compromise of the application...
CVE-2024-32735 CyberPower PowerPanel Enterprise Missing Authentication
An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can access the PDNU REST APIs, which may result in compromise of the application...
PT-2024-24820
Name of the Vulnerable Software and Affected Versions CyberPower PowerPanel Enterprise versions prior to 2.8.3 Description A sql injection issue exists, allowing an unauthenticated remote attacker to leak sensitive information via the query ptask verbose function within MCUDBHelper. Recommendatio...
PT-2024-4530 · Cyberpower · Cyberpower Powerpanel Enterprise
Name of the Vulnerable Software and Affected Versions: CyberPower PowerPanel Enterprise versions prior to 2.8.3 Description: The issue is related to a SQL injection vulnerability in the query contract result function of the MCUDBHelper component in the corporate version of the PowerPanel Enterpri...
PT-2024-4531 · Cyberpower · Cyberpower Powerpanel Enterprise
Name of the Vulnerable Software and Affected Versions: CyberPower PowerPanel Enterprise versions prior to 2.8.3 Description: A sql injection vulnerability exists in the software, allowing an unauthenticated remote attacker to leak sensitive information via the query utask verbose function within...