Lucene search
K

282 matches found

Cvelist
Cvelist
added 2023/09/10 3:0 a.m.31 views

CVE-2023-4873 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform importexport.php os command injection

A vulnerability, which was classified as critical, was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230906. Affected is an unknown function of the file /importexport.php. The manipulation of the argument sql leads to os command injection. It is...

6.5CVSS10AI score0.74897EPSS
Exploits1References4
CVE
CVE
added 2023/09/10 3:0 a.m.82 views

CVE-2023-4873

The CVE-2023-4873 entry concerns Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform (up to 20230906). Affects an unknown function in /importexport.php where manipulating the sql argument triggers an OS command injection. Exploitation can be carried out remotely, and pu...

9.8CVSS8.4AI score0.74897EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2023/09/04 12:15 a.m.20 views

CVE-2023-4745

A vulnerability was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230822. It has been rated as critical. Affected by this issue is some unknown functionality of the file /importexport.php. The manipulation leads to sql injection. The attack may be...

9.8CVSS7.3AI score0.03824EPSS
Exploits1References4
CVE
CVE
added 2023/09/03 11:31 p.m.65 views

CVE-2023-4745

CVE-2023-4745 concerns Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform (up to 20230822). Multiple sources confirm a vulnerability in the unknown functionality of /importexport.php that leads to SQL injection. The issue can be triggered remotely over the network and ...

9.8CVSS8.2AI score0.03824EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2023/09/03 11:31 p.m.22 views

CVE-2023-4745 Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform importexport.php sql injection

A vulnerability was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230822. It has been rated as critical. Affected by this issue is some unknown functionality of the file /importexport.php. The manipulation leads to sql injection. The attack may be...

6.5CVSS9.9AI score0.03824EPSS
Exploits1References4
OSV
OSV
added 2023/06/09 7:15 p.m.4 views

CVE-2023-29713

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the GET request after the /css/ directory...

6.1CVSS6.2AI score0.0068EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/06/09 7:15 p.m.6 views

CVE-2023-29714

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via the username, password, and language cookies parameter...

6.1CVSS6.7AI score0.0068EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/06/09 7:15 p.m.4 views

CVE-2023-29713

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the GET request after the /css/ directory...

6.1CVSS6.7AI score0.0068EPSS
Exploits0References4
OSV
OSV
added 2023/06/09 7:15 p.m.3 views

CVE-2023-29714

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via the username, password, and language cookies parameter...

6.1CVSS6.2AI score0.0068EPSS
Exploits0References3
Prion
Prion
added 2023/06/09 7:15 p.m.14 views

Cross site scripting

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the GET request after the /css/ directory...

5.8CVSS6.3AI score0.0068EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/06/09 7:15 p.m.12 views

Cross site scripting

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via the username, password, and language cookies parameter...

5.8CVSS6.4AI score0.0068EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/06/09 6:15 p.m.4 views

CVE-2023-29712

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the X-Rewrite-URL parameter...

6.1CVSS6.1AI score0.00883EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/06/09 6:15 p.m.3 views

CVE-2023-29712

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the X-Rewrite-URL parameter...

6.1CVSS6.7AI score0.00883EPSS
Exploits1References4
Prion
Prion
added 2023/06/09 6:15 p.m.17 views

Cross site scripting

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the X-Rewrite-URL parameter...

5.8CVSS6.3AI score0.00883EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/09 12:0 a.m.13 views

CVE-2023-29713

Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the GET request after the /css/ directory...

7.4AI score0.0068EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/06/09 12:0 a.m.3 views

PT-2023-22369 · Vade Secure · Vade Secure Gateway

Name of the Vulnerable Software and Affected Versions: Vade Secure Gateway affected versions not specified Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via a crafted payload to the GET request after the /css/ directory. This enables the attacker to...

6.1CVSS7.1AI score0.0068EPSS
Exploits0References6
CVE
CVE
added 2023/06/09 12:0 a.m.61 views

CVE-2023-29713

CVE-2023-29713 affects Vade Secure Gateway. The vulnerability is a Cross Site Scripting (XSS) issue in the handling of GET requests after the /css/ directory, enabling a remote attacker to execute arbitrary code via a crafted payload. The available sources indicate a reflected-type XSS in this pr...

6.1CVSS6.3AI score0.0068EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/06/09 12:0 a.m.48 views

CVE-2023-29712

CVE-2023-29712, CVE-2023-29713, CVE-2023-29714 describe Cross Site Scripting vulns in Vade Secure Gateway. CVE-2023-29712: XSS via crafted payload to the X-Rewrite-URL parameter. CVE-2023-29713: XSS via a GET request after the /css/ directory. CVE-2023-29714: XSS via the username, password, and l...

6.1CVSS6.3AI score0.00883EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/06/09 12:0 a.m.68 views

CVE-2023-29714

CVE-2023-29714 is a Cross Site Scripting vulnerability in Vade Secure Gateway . The issue allows a remote attacker to execute arbitrary code via the username, password, and language cookies parameter. The provided sources describe the vulnerability consistently across multiple databases (includin...

6.1CVSS6.4AI score0.0068EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/06/09 12:0 a.m.4 views

Vade Secure Gateway 跨站脚本漏洞

Vade Secure Gateway is an engineering intelligence-driven collaborative email security from Vade Secure. A security vulnerability exists in Vade Secure Gateway. An attacker can exploit the vulnerability to execute arbitrary code via the username, password and language cookie parameters...

6.1CVSS6.7AI score0.0068EPSS
Exploits0References4
Rows per page
Query Builder