95 matches found
EUVD-2023-56298
Malicious code in bioql PyPI...
EUVD-2023-56282
Malicious code in bioql PyPI...
EUVD-2022-54224
Malicious code in bioql PyPI...
EUVD-2023-56283
Malicious code in bioql PyPI...
EUVD-2023-56305
Malicious code in bioql PyPI...
EUVD-2023-56296
Malicious code in bioql PyPI...
Voltronic Power多款产品 安全漏洞
Voltronic Power ViewPower and others are products of Voltronic Power.Voltronic Power ViewPower is a monitoring and management software for solar inverters.Voltronic Power ViewPower Pro is a software for monitoring and managing uninterrupted Voltronic Power ViewPower Pro is a software program for...
CVE-2022-31491
Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can use this t...
CVE-2022-31491
CVE-2022-31491 affects Voltronic Power ViewPower (<= 1.04-24215), ViewPower Pro (<= 2.0-22165), and PowerShield Netguard ( 1.04-24215, ViewPower Pro > 2.0-22165, Netguard >= 1.04-23292); multiple advisories (CISA ICS, Red Hat, NVD) corroborate the vulnerability. If available, PoC/Expl...
CVE-2022-31491
Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can use this t...
Exploit for CVE-2022-31491
CVE-2022-31491 Metasploit module and PoC are coming. Further...
Voltronic Power ViewPower Elevation of Privilege Vulnerability
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. An elevation of privilege vulnerability exists in Voltronic Power ViewPower Pro due to hard-coded database credentials. An attacker can exploit the vulnerability to escalate privileges and execu...
Voltronic Power ViewPower XML External Entity Injection Vulnerability
Voltronic Power ViewPower is Voltronic Power's monitoring and management software for solar inverters. Voltronic Power ViewPower Pro suffers from an XML external entity injection vulnerability that can be exploited by attackers to disclose sensitive information...
CVE-2023-51595
Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The...
CVE-2023-51595
Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The...
CVE-2023-51588
Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first obtain the ability to execute...
CVE-2023-51590
Voltronic Power ViewPower Pro UpLoadAction Unrestricted File Upload Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. T...
CVE-2023-51593
Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The...
CVE-2023-51588
Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first obtain the ability to execute...
CVE-2023-51591
Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this...