Lucene search
K

47 matches found

RedhatCVE
RedhatCVE
added 2025/05/02 7:12 p.m.13 views

CVE-2024-9877

: Use of GET Request Method With Sensitive Query Strings vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini.This issue affects ANC: through 1.1.4; ANC-L: through 1.1.4; ANC-mini: through 1.1.4...

5.3CVSS7.1AI score0.0018EPSS
Exploits0References3
NVD
NVD
added 2025/04/30 7:15 p.m.11 views

CVE-2024-9877

: Use of GET Request Method With Sensitive Query Strings vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini.This issue affects ANC: through 1.1.4; ANC-L: through 1.1.4; ANC-mini: through 1.1.4...

5.3CVSS0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/30 12:0 a.m.4 views

PT-2025-18312 · Abb · Abb Anc-L +2

Name of the Vulnerable Software and Affected Versions: ABB ANC versions through 1.1.4 ABB ANC-L versions through 1.1.4 ABB ANC-mini versions through 1.1.4 Description: The issue is related to the use of the GET request method with sensitive query strings. This problem affects various ABB products...

5.3CVSS6.3AI score0.0018EPSS
Exploits0References5
NVD
NVD
added 2025/03/17 1:15 a.m.15 views

CVE-2025-2356

A vulnerability was found in BlackVue App 3.65 on Android. It has been classified as problematic. This affects the function deviceDelete of the component API Handler. The manipulation leads to use of get request method with sensitive query strings. It is possible to initiate the attack remotely...

6.3CVSS0.0039EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/17 1:0 a.m.26 views

CVE-2025-2356 BlackVue App API deviceDelete get request method with sensitive query strings

A vulnerability was found in BlackVue App 3.65 on Android. It has been classified as problematic. This affects the function deviceDelete of the component API Handler. The manipulation leads to use of get request method with sensitive query strings. It is possible to initiate the attack remotely...

6.3CVSS0.0039EPSS
Exploits0References3
NVD
NVD
added 2025/02/13 4:15 p.m.10 views

CVE-2024-12012

A CWE-598 “Use of GET Request Method with Sensitive Query Strings” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. Both the SHA-1 hash of the password as well as the session tokens are included as part of the URL and therefore exposed to information leakage...

5.7CVSS0.00353EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/27 5:0 p.m.10 views

CVE-2025-0730 TP-Link TL-SG108E HTTP GET Request usr_account_set.cgi get request method with sensitive query strings

A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. Affected is an unknown function of the file /usraccountset.cgi of the component HTTP GET Request Handler. The manipulation of the argument username/password leads to use of get request...

6.3CVSS0.00663EPSS
Exploits1References6
Veracode
Veracode
added 2024/03/13 5:47 a.m.20 views

Sensitive Query Strings In GET Request

directus is vulnerable to the Use of a GET Request Method With Sensitive Query Strings. The vulnerability is due to the inclusion of session tokens in URLs, which are often logged in various places, posing a security risk. Attackers gaining access to these logs may hijack active user sessions,...

2.3CVSS6.6AI score0.00245EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/10/10 5:15 p.m.26 views

Cross site request forgery (csrf)

A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an attacker to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those services...

5CVSS7.4AI score0.00879EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/09/29 3:15 a.m.3 views

CVE-2020-15337

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /registerCpe requests...

5.3CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2022/09/29 3:15 a.m.21 views

CVE-2020-15337

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /registerCpe requests...

5.3CVSS0.0079EPSS
Exploits1References2
NVD
NVD
added 2022/09/29 3:15 a.m.15 views

CVE-2020-15338

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /cnr requests...

5.3CVSS0.00759EPSS
Exploits1References2
Prion
Prion
added 2022/09/29 3:15 a.m.12 views

Cross site request forgery (csrf)

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /cnr requests...

5CVSS5.4AI score0.00759EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/09/29 3:15 a.m.22 views

Cross site request forgery (csrf)

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /registerCpe requests...

5CVSS5.4AI score0.0079EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2022/01/25 12:0 a.m.15 views

Unspecified vulnerability in DELL EMC AppSync (CNVD-2022-06705)

DELL EMC AppSync is a replication data management software from Dell USA Inc. A security vulnerability exists in DELL EMC AppSync due to the use of the GET request method with sensitive query strings in DELL EMC AppSync versions 3.9 through 4.3. . An attacker could use this vulnerability to hijac...

8.8CVSS3AI score0.00388EPSS
Exploits0References1
NVD
NVD
added 2022/01/21 9:15 p.m.11 views

CVE-2022-22551

DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An Adjacent, unauthenticated attacker could potentially exploit this vulnerability, and hijack the victim session...

8.8CVSS0.00388EPSS
Exploits0References1
OSV
OSV
added 2022/01/21 9:15 p.m.3 views

CVE-2022-22551

DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An Adjacent, unauthenticated attacker could potentially exploit this vulnerability, and hijack the victim session...

8.8CVSS5.8AI score0.00388EPSS
Exploits0References1
Prion
Prion
added 2022/01/21 9:15 p.m.12 views

Cross site request forgery (csrf)

DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An Adjacent, unauthenticated attacker could potentially exploit this vulnerability, and hijack the victim session...

5.8CVSS8.5AI score0.00388EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/01/21 8:15 p.m.18 views

CVE-2022-22551

DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An Adjacent, unauthenticated attacker could potentially exploit this vulnerability, and hijack the victim session...

8.3CVSS8.8AI score0.00388EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/21 12:0 a.m.4 views

DELL EMC AppSync 授权问题漏洞

DELL EMC AppSync is a replication data management software from Dell USA Inc. A security vulnerability exists in DELL EMC AppSync due to the use of the GET request method with sensitive query strings in DELL EMC AppSync versions 3.9 through 4.3. . An attacker could use this vulnerability to hijac...

8.8CVSS5.6AI score0.00388EPSS
Exploits0References2
Rows per page
Query Builder