21 matches found
CVE-2023-49232
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to brute-force the password reset PINs of administrative users...
CVE-2023-49234
An XML external entity (XXE) vulnerability was found in Stilog Visual Planning 8. It allows an authenticated attacker to access local server files and exfiltrate data to an external server...
CVE-2023-49231
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to receive an administrative API token...
EUVD-2023-53237
Malicious code in bioql PyPI...
CVE-2023-49232
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to brute-force the password reset PINs of administrative users...
CVE-2023-49234
An XML external entity (XXE) vulnerability was found in Stilog Visual Planning 8. It allows an authenticated attacker to access local server files and exfiltrate data to an external server...
CVE-2023-49231
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to receive an administrative API token...
CVE-2023-49232
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to brute-force the password reset PINs of administrative users...
CVE-2023-49234
An XML external entity (XXE) vulnerability was found in Stilog Visual Planning 8. It allows an authenticated attacker to access local server files and exfiltrate data to an external server...
CVE-2023-49232
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to brute-force the password reset PINs of administrative users...
PT-2024-13700 · Stilog · Stilog Visual Planning
Name of the Vulnerable Software and Affected Versions: Stilog Visual Planning version 8 Description: An authentication bypass issue was found, allowing an unauthenticated attacker to obtain an administrative API token. Recommendations: For Stilog Visual Planning version 8, consider restricting...
Stilog Visual Planning 8 security vulnerability
Stilog Visual Planning is software from Stilog that allows you to efficiently manage resource allocation and share schedules with employees. A security vulnerability exists in Stilog Visual Planning 8. An attacker could exploit the vulnerability to receive management API tokens...
Stilog Visual Planning security vulnerability
Stilog Visual Planning is software from Stilog that allows you to efficiently manage resource allocation and share schedules with employees. A security vulnerability exists in Stilog Visual Planning. An attacker could use this vulnerability to brute force the password reset PIN of an administrati...
Stilog Visual Planning security vulnerability
Stilog Visual Planning is software from Stilog that allows you to efficiently manage resource allocation and share schedules with employees. A security vulnerability exists in Stilog Visual Planning 8. An attacker could exploit the vulnerability to access local server files and leak data to an...
CVE-2023-49232
CVE-2023-49232 affects Stilog Visual Planning 8. An unauthenticated attacker can bypass authentication by brute-forcing administrative password reset PINs, enabling account access via the Visual Planning app. The vulnerability impacts the password-reset flow and can lead to administrative comprom...
PT-2024-13701 · Stilog · Stilog Visual Planning
Name of the Vulnerable Software and Affected Versions: Stilog Visual Planning version 8 Description: An authentication bypass issue was found, allowing an unauthenticated attacker to brute-force the password reset PINs of administrative users. Recommendations: For Stilog Visual Planning version 8...
CVE-2023-49234
Stilog Visual Planning 8 is affected by an XXE vulnerability. An authenticated attacker can exploit XML parser weaknesses to read arbitrary files on the application server and exfiltrate data to an external server. According to Schutzwerk, all versions prior to Visual Planning 8 (Build 240207) ar...
CVE-2023-49231
An authentication bypass affecting Stilog Visual Planning 8 (pre-build 240207) is documented. A wildcard injection inside a prepared SQL statement in the REST API v2.0 enabled attackers to exfiltrate the REST API key and obtain an administrative API token, granting unauthenticated admin access. T...
CVE-2023-49231
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to receive an administrative API token...
CVE-2023-49231
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an unauthenticated attacker to receive an administrative API token...