CVE-2023-34429

Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token...

Weintek Weincloud 授权问题漏洞

Weintek Weincloud is a cloud-based monitoring platform from Weintek, Inc. An authorization issue vulnerability exists in Weintek Weincloud version v0.13.6, which stems from a vulnerability that could allow an attacker to reset passwords using only the JWT token of the corresponding account...

Weintek Weincloud 安全漏洞

Weintek Weincloud is a cloud-based monitoring platform from Weintek, Inc. A security vulnerability exists in Weintek Weincloud version v0.13.6, which originates from an attacker who can effectively brute-force an attack on credentials by exploiting an authentication prompt in an error message...

PT-2023-5704 · Weintek · Weintek Weincloud

Name of the Vulnerable Software and Affected Versions: Weintek Weincloud version 0.13.6 Description: The issue is related to the incorrect handling of construction elements in the Weincloud cloud platform for managing industrial devices. An attacker could exploit this by sending a forged JWT toke...

Design/Logic Flaw

geminabox aka Gem in a Box before 0.13.6 has XSS, as demonstrated by uploading a gem file that has a crafted gem.homepage value in its .gemspec file...