206 matches found
The vulnerability of the microprogrammed software of the Trio Q, Trio E, and Trio J Ethernet receivers lies in their ability to be redirected to untrusted URL addresses. This allows attackers to redirect users to arbitrary websites.
The vulnerability of the microprogrammed Ethernet receiver software from the Trio Q, Trio E, and Trio J series is related to the ability to redirect users to untrusted URL addresses. Exploiting this vulnerability allows a malicious actor to redirect users to arbitrary websites by sending speciall...
Schneider Electric Trio Q-Series Ethernet Data Radio Security Vulnerability
The Schneider Electric Trio Q-Series Ethernet Data Radio is a radio from Schneider Electric France. A security vulnerability exists in the Schneider Electric Trio Q-Series Ethernet Data Radio version 2.7.0, Trio E-Series Ethernet Data Radio, and Trio J-Series Ethernet Data Radio that originates...
Schneider Electric Trio Q-Series Ethernet Data Radio Input Validation Error Vulnerability
The Schneider Electric Trio Q-Series Ethernet Data Radio is a radio from Schneider Electric France. An input validation error vulnerability exists in the Schneider Electric Trio Q-Series Ethernet Data Radio version 2.7.0, Trio E-Series Ethernet Data Radio, and Trio J-Series Ethernet Data Radio,...
PT-2023-7822 · Trio J +2 · Trio J +2
Name of the Vulnerable Software and Affected Versions: Trio Q, Trio E, Trio J affected versions not specified Description: A CWE-601:URL Redirection to Untrusted Site ‘Open Redirect’ issue exists, potentially causing information disclosure through phishing attempts over HTTP. This could allow a...
CVE-2023-31094
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Lauri Karisola / WP Trio Stock Sync for WooCommerce plugin = 2.4.0 versions...
CVE-2023-31094
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Lauri Karisola / WP Trio Stock Sync for WooCommerce plugin = 2.4.0 versions...
CVE-2023-31094
CVE-2023-31094: unauthenticated reflected XSS in Stock Sync for WooCommerce (WordPress plugin) versions <= 2.4.0. Root cause: vulnerability in input handling that allows injection of script via page parameter, leading to potential cookie/session data exposure or defacement as described in mult...
CVE-2023-31094 WordPress Stock Sync for WooCommerce Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Lauri Karisola / WP Trio Stock Sync for WooCommerce plugin = 2.4.0 versions...
trio.plurial.net Cross Site Scripting vulnerability OBB-3439430
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Fedora: Security Advisory for python-starlette (FEDORA-2023-b082504356)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 37 Update: python-starlette-0.20.4-3.fc37
Starlette is a lightweight ASGI framework/toolkit, which is ideal for building async web services in Python. It is production-ready, and gives you the following: =EF=BF=BD=EF=BF=BD=EF=BF=BD A lightweight, low-complexity HTTP web framewor k. =EF=BF=BD=EF=BF=BD=EF=BF=BD WebSocket support...
CVE-2023-24282
An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file...
CVE-2023-24282
An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file...
Design/Logic Flaw
An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file...
CVE-2023-24282
An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file...
CVE-2023-24282
The connected source CNNVD-202303-656 confirms a concrete vulnerability in Poly Trio 8800, version 7.2.2.1094, where an arbitrary file upload flaw can be exploited to execute arbitrary code via a crafted ringtone file. This defines the affected product/version and the root cause (unrestricted fil...
Poly Trio 跨站脚本漏洞
Poly Trio is a Trio series business conference phone from Poly USA. A security vulnerability exists in Poly Trio 8800 version 7.2.2.1094, which stems from the inclusion of an arbitrary file upload vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...
CVE-2023-24282
An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin = 2.3.1 leading to activation/deactivation of plugin rulesets...
CVE-2022-46805 WordPress Conditional Payments for WooCommerce Plugin <= 2.3.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin = 2.3.1 leading to activation/deactivation of plugin rulesets...