Lucene search
K

206 matches found

BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.5 views

The vulnerability of the microprogrammed software of the Trio Q, Trio E, and Trio J Ethernet receivers lies in their ability to be redirected to untrusted URL addresses. This allows attackers to redirect users to arbitrary websites.

The vulnerability of the microprogrammed Ethernet receiver software from the Trio Q, Trio E, and Trio J series is related to the ability to redirect users to untrusted URL addresses. Exploiting this vulnerability allows a malicious actor to redirect users to arbitrary websites by sending speciall...

8.5CVSS6.4AI score0.00423EPSS
Exploits0References3Affected Software2
CNNVD
CNNVD
added 2023/12/14 12:0 a.m.7 views

Schneider Electric Trio Q-Series Ethernet Data Radio Security Vulnerability

The Schneider Electric Trio Q-Series Ethernet Data Radio is a radio from Schneider Electric France. A security vulnerability exists in the Schneider Electric Trio Q-Series Ethernet Data Radio version 2.7.0, Trio E-Series Ethernet Data Radio, and Trio J-Series Ethernet Data Radio that originates...

6.5CVSS6.7AI score0.00282EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/14 12:0 a.m.5 views

Schneider Electric Trio Q-Series Ethernet Data Radio Input Validation Error Vulnerability

The Schneider Electric Trio Q-Series Ethernet Data Radio is a radio from Schneider Electric France. An input validation error vulnerability exists in the Schneider Electric Trio Q-Series Ethernet Data Radio version 2.7.0, Trio E-Series Ethernet Data Radio, and Trio J-Series Ethernet Data Radio,...

8.2CVSS6.6AI score0.00423EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.8 views

PT-2023-7822 · Trio J +2 · Trio J +2

Name of the Vulnerable Software and Affected Versions: Trio Q, Trio E, Trio J affected versions not specified Description: A CWE-601:URL Redirection to Untrusted Site ‘Open Redirect’ issue exists, potentially causing information disclosure through phishing attempts over HTTP. This could allow a...

8.5CVSS6.2AI score0.00423EPSS
Exploits0References8
OSV
OSV
added 2023/08/18 1:15 p.m.5 views

CVE-2023-31094

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Lauri Karisola / WP Trio Stock Sync for WooCommerce plugin = 2.4.0 versions...

6.1CVSS7.3AI score0.00379EPSS
Exploits0References1
NVD
NVD
added 2023/08/18 1:15 p.m.20 views

CVE-2023-31094

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Lauri Karisola / WP Trio Stock Sync for WooCommerce plugin = 2.4.0 versions...

7.1CVSS6.3AI score0.00379EPSS
Exploits0References1
CVE
CVE
added 2023/08/18 12:50 p.m.49 views

CVE-2023-31094

CVE-2023-31094: unauthenticated reflected XSS in Stock Sync for WooCommerce (WordPress plugin) versions <= 2.4.0. Root cause: vulnerability in input handling that allows injection of script via page parameter, leading to potential cookie/session data exposure or defacement as described in mult...

7.1CVSS6AI score0.00379EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/08/18 12:50 p.m.19 views

CVE-2023-31094 WordPress Stock Sync for WooCommerce Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Lauri Karisola / WP Trio Stock Sync for WooCommerce plugin = 2.4.0 versions...

7.1CVSS6.4AI score0.00379EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2023/06/17 8:9 p.m.6 views

trio.plurial.net Cross Site Scripting vulnerability OBB-3439430

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
OpenVAS
OpenVAS
added 2023/05/27 12:0 a.m.10 views

Fedora: Security Advisory for python-starlette (FEDORA-2023-b082504356)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2023/05/26 1:32 a.m.20 views

[SECURITY] Fedora 37 Update: python-starlette-0.20.4-3.fc37

Starlette is a lightweight ASGI framework/toolkit, which is ideal for building async web services in Python. It is production-ready, and gives you the following: =EF=BF=BD=EF=BF=BD=EF=BF=BD A lightweight, low-complexity HTTP web framewor k. =EF=BF=BD=EF=BF=BD=EF=BF=BD WebSocket support...

7.3AI score
Exploits0
OSV
OSV
added 2023/03/08 9:15 p.m.3 views

CVE-2023-24282

An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file...

5.4CVSS6.3AI score0.00495EPSS
Exploits1References2
NVD
NVD
added 2023/03/08 9:15 p.m.22 views

CVE-2023-24282

An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file...

5.4CVSS6AI score0.00495EPSS
Exploits1References1
Prion
Prion
added 2023/03/08 9:15 p.m.18 views

Design/Logic Flaw

An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file...

4.9CVSS6AI score0.00495EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/03/08 12:0 a.m.32 views

CVE-2023-24282

An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file...

6.3AI score0.00495EPSS
Exploits1References1
CVE
CVE
added 2023/03/08 12:0 a.m.57 views

CVE-2023-24282

The connected source CNNVD-202303-656 confirms a concrete vulnerability in Poly Trio 8800, version 7.2.2.1094, where an arbitrary file upload flaw can be exploited to execute arbitrary code via a crafted ringtone file. This defines the affected product/version and the root cause (unrestricted fil...

5.4CVSS6AI score0.00495EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/03/08 12:0 a.m.8 views

Poly Trio 跨站脚本漏洞

Poly Trio is a Trio series business conference phone from Poly USA. A security vulnerability exists in Poly Trio 8800 version 7.2.2.1094, which stems from the inclusion of an arbitrary file upload vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...

5.4CVSS6.2AI score0.00495EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/03/08 12:0 a.m.8 views

CVE-2023-24282

An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file...

8AI score0.00495EPSS
Exploits1References2
Prion
Prion
added 2023/03/01 3:15 p.m.19 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin = 2.3.1 leading to activation/deactivation of plugin rulesets...

5.8CVSS5.6AI score0.00215EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/01 2:8 p.m.22 views

CVE-2022-46805 WordPress Conditional Payments for WooCommerce Plugin <= 2.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin = 2.3.1 leading to activation/deactivation of plugin rulesets...

5.4CVSS5.9AI score0.00215EPSS
Exploits0References1
Rows per page
Query Builder