Lucene search
K

7 matches found

Cvelist
Cvelist
added 2025/10/15 1:24 a.m.8 views

CVE-2023-7305 SmartBI RMIServlet Unrestricted File Upload RCE

SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafted requests that cause the application to perform sensitive operations or execute arbitrary code o...

9.2CVSS0.00485EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/16 12:0 a.m.6 views

PT-2024-25996 · Sunhillo · Sunhillo Sureline

Name of the Vulnerable Software and Affected Versions: Sunhillo SureLine versions through 8.10.0 Description: The issue allows for cgi/usrPasswd.cgi userid change XSS within the Forgot Password feature. This can be exploited through the /cgi/usrPasswd.cgi endpoint, specifically targeting the user...

6.1CVSS6AI score0.00398EPSS
Exploits0References6
OSV
OSV
added 2023/05/23 2:15 a.m.6 views

CVE-2023-27521

OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command...

8.8CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/05/23 12:0 a.m.5 views

PT-2023-21420 · Unknown · Solarview Compact Sv-Cpt-Mc310

Name of the Vulnerable Software and Affected Versions: SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 SolarView Compact SV-CPT-MC310F versions prior to Ver.8.10 Description: The issue is related to improper access control in the system date/time setting page, allowing a remote...

4.3CVSS6.6AI score0.01832EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/05/23 12:0 a.m.5 views

Contec SolarView Compact 操作系统命令注入漏洞

Contec SolarView Compact is an application system from Contec Japan. It provides measurement system for photovoltaic power generation. A security vulnerability exists in Contec SolarView Compact SV-CPT-MC310 Ver.8.10 prior and SV-CPT-MC310F Ver.8.10 prior, which stems from the presence of an...

8.8CVSS8.4AI score0.01908EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2021/03/23 11:24 a.m.4 views

Critical Flaws Affecting GE's Universal Relay Pose Threat to Electric Utilities

The U.S. Cybersecurity and Infrastructure Security Agency CISA has warned of critical security shortcomings in GE's Universal Relay UR family of power management devices. "Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain...

9.8CVSS6.7AI score0.01163EPSS
Exploits0
CNNVD
CNNVD
added 2020/12/14 12:0 a.m.9 views

Gallagher Group Command Centre SQL Injection Vulnerability

Gallagher Group Command Centre is a centralized control tool for Gallagher access control systems from Gallagher Group New Zealand. A SQL injection vulnerability exists in Gallagher Group Command Centre, which can be exploited by a remote attacker to execute arbitrary SQL against a third-party...

8.2CVSS7.4AI score0.009EPSS
Exploits0References2
Rows per page
Query Builder