PT-2025-26832 · Unknown · Zoomsounds

Name of the Vulnerable Software and Affected Versions: ZoomSounds plugin versions prior to 6.05 Description: The issue allows unauthenticated users to upload an arbitrary file anywhere on the web server due to a vulnerable PHP file. Recommendations: For versions prior to 6.05, update to version...

PT-2024-3703 · Pccx26 +5 · Pccx26 +5

Name of the Vulnerable Software and Affected Versions: CPC80 Central Processing/Communication versions prior to V16.41 CPCI85 Central Processing/Communication versions prior to V5.30 CPCX26 Central Processing/Communication versions prior to V06.02 ETA4 Ethernet Interface IEC60870-5-104 versions...

ZoomSounds < 6.05 - Unauthenticated Arbitrary File Upload

The plugin contained a PHP file, allowing unauthenticated users to upload an arbitrary file anywhere on the web server. Note WPScanTeam: It's unclear which version fixed the issue exactly, however we were able to confirm the issue on version as high as v5.96 and that the related file has been...

Command injection

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 is remotely accessible via Port 22/SSH without authentication. A remote attacker may be able to make unauthorized configuration changes to the WBM, as well as issue commands to access...

Design/Logic Flaw

An unauthenticated remote attacker may be able to execute commands to view wireless account credentials that are stored in cleartext on Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16, which may allow an attacker to gain access the hos...

CVE-2014-5433

An unauthenticated remote attacker may be able to execute commands to view wireless account credentials that are stored in cleartext on Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16, which may allow an attacker to gain access the hos...

Hardcoded credentials

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 contains a hard-coded password, which provides access to basic biomedical information, limited device settings, and network configuration of the WBM, if connected. The hard-coded password...

CVE-2014-5431

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 contains a hard-coded password, which provides access to basic biomedical information, limited device settings, and network configuration of the WBM, if connected. The hard-coded password...

CVE-2014-5434

Baxter SIGMA Spectrum Infusion System version 6.05 model 35700BAX with wireless battery module WBM version 16 has a default account with hard-coded credentials used with the FTP protocol. Baxter asserts no files can be transferred to or from the WBM using this account. Baxter has released a new...

Baxter SIGMA Spectrum Infusion System Vulnerabilities

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on June 30, 2015, and is being released to the NCCIC/ICS-CERT web site. Researcher Jared Bird with Allina IS Security identified four vulnerabilities in Baxter’s SIGMA Spectrum Infusion System. Baxter has released a...

Titan FTP Server DELE Command Remote Buffer Overflow Vulnerability

This host is running Titan FTP Server and is prone to remote buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbtitanftpserverbofvuln.nasl 4227 2016-10-07 05:45:35Z teissa $ Titan FTP Server DELE Command Remote Buffer Overflow Vulnerability Authors: Chandan S Copyright: Copyright c...

Java-Applet crashes Opera 6.05 and 7.01

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Advisory Beauchamp Security: Java-Applet crashes Opera 6.05 and 7.01 Applet crashes Opera 6.05 and 7.01 =================================================== Vendor: Opera Versions affected: Opera 6.05 / 7.01 Date: 3rd February 2003 Type of...