Lucene search
K

104 matches found

NVD
NVD
added 2025/06/23 8:15 p.m.18 views

CVE-2023-47030

An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a GET request to a UserService SOAP API endpoint to validate if a user exists...

9.8CVSS0.00629EPSS
Exploits1References2
OSV
OSV
added 2025/06/23 6:15 p.m.6 views

CVE-2023-47029

An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted POST request to the UserService component...

9.8CVSS6.1AI score0.00625EPSS
Exploits1References2
NVD
NVD
added 2025/06/23 6:15 p.m.5 views

CVE-2023-47029

An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted POST request to the UserService component...

9.8CVSS0.00625EPSS
Exploits1References2
OSV
OSV
added 2025/06/23 5:15 p.m.3 views

CVE-2023-47031

An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to escalate privileges via a crafted POST request to the grantRolesToUsers, grantRolesToGroups, and grantRolesToOrganization SOAP API component...

9.8CVSS5.9AI score0.00642EPSS
Exploits1References3
NVD
NVD
added 2025/06/23 5:15 p.m.24 views

CVE-2023-47031

An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to escalate privileges via a crafted POST request to the grantRolesToUsers, grantRolesToGroups, and grantRolesToOrganization SOAP API component...

9.8CVSS0.00642EPSS
Exploits1References1
OSV
OSV
added 2025/06/23 4:15 p.m.4 views

CVE-2023-47294

An issue in NCR Terminal Handler v1.5.1 allows low-level privileged authenticated attackers to arbitrarily deactivate, lock, and delete user accounts via a crafted session cookie...

8.1CVSS5.8AI score0.00284EPSS
Exploits1References2
OSV
OSV
added 2025/06/23 4:15 p.m.8 views

CVE-2023-47295

A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field that accepts strings...

9.8CVSS6AI score0.00528EPSS
Exploits1References2
NVD
NVD
added 2025/06/23 4:15 p.m.8 views

CVE-2023-47295

A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field that accepts strings...

9.8CVSS0.00528EPSS
Exploits1References2
NVD
NVD
added 2025/06/23 4:15 p.m.7 views

CVE-2023-47294

An issue in NCR Terminal Handler v1.5.1 allows low-level privileged authenticated attackers to arbitrarily deactivate, lock, and delete user accounts via a crafted session cookie...

8.1CVSS0.00284EPSS
Exploits1References2
NVD
NVD
added 2025/06/23 4:15 p.m.24 views

CVE-2023-47032

Password Vulnerability in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the UserService SOAP API function...

9.8CVSS0.00704EPSS
Exploits1References2
OSV
OSV
added 2025/06/23 4:15 p.m.5 views

CVE-2023-47032

Password Vulnerability in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the UserService SOAP API function...

9.8CVSS6.1AI score0.00704EPSS
Exploits1References2
OSV
OSV
added 2025/06/23 3:15 p.m.4 views

CVE-2023-47298

An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account statuses...

4.3CVSS5.8AI score0.00234EPSS
Exploits1References2
NVD
NVD
added 2025/06/23 3:15 p.m.27 views

CVE-2023-47298

An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account statuses...

4.3CVSS0.00234EPSS
Exploits1References2
NVD
NVD
added 2025/06/23 3:15 p.m.7 views

CVE-2023-47297

A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations...

9.8CVSS0.00451EPSS
Exploits1References2
OSV
OSV
added 2025/06/23 3:15 p.m.5 views

CVE-2023-47297

A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations...

9.8CVSS6AI score0.00451EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/06/23 12:0 a.m.9 views

CVE-2023-47294

An issue in NCR Terminal Handler v1.5.1 allows low-level privileged authenticated attackers to arbitrarily deactivate, lock, and delete user accounts via a crafted session cookie...

0.00284EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/06/23 12:0 a.m.5 views

CVE-2023-47295

A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field that accepts strings...

8.2AI score0.00528EPSS
Exploits1References2
CVE
CVE
added 2025/06/23 12:0 a.m.21 views

CVE-2023-47294

CVE-2023-47294 affects NCR Terminal Handler v1.5.1. A crafted session cookie can allow a low-privileged authenticated attacker to arbitrarily deactivate, lock, or delete user accounts. Root cause cited across sources relates to insufficient session cookie validation. Impact is user-account manipu...

8.1CVSS6.3AI score0.00284EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/06/23 12:0 a.m.3 views

NCR Atleos Terminal Handler 安全漏洞

NCR Atleos Terminal Handler is an ATM enterprise software solution from NCR Atleos that reduces costs, improves business agility and increases your competitive advantage. A security vulnerability exists in NCR Atleos Terminal Handler version 1.5.1, which stems from insufficient validation of text...

9.8CVSS6.9AI score0.00528EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/06/23 12:0 a.m.4 views

CVE-2023-47297

A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations...

7.9AI score0.00451EPSS
Exploits1References2
Rows per page
Query Builder