Lucene search
K

31 matches found

Nuclei
Nuclei
added 16 hours ago29 views

Personal Weather Station Dashboard 12 - Directory Traversal

Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext. id: CVE-2025-47423 info: name: Personal Weather...

5.8CVSS7.5AI score0.02114EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:31 a.m.4 views

CVE-2023-25478

Cross-Site Request Forgery CSRF vulnerability in Jason Rouet Weather Station plugin = 3.8.12 versions...

8.8CVSS7AI score0.00309EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-13912

Malicious code in bioql PyPI...

5.8CVSS9AI score0.02114EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-29433

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00309EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/09 12:28 a.m.15 views

CVE-2025-47423

Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext...

5.8CVSS7.2AI score0.02114EPSS
Exploits1References1
NVD
NVD
added 2025/05/07 6:15 p.m.16 views

CVE-2025-47423

Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext...

5.8CVSS0.02114EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.6 views

PT-2025-20287 · Unknown · Pws Personal Weather Station Dashboard

Name of the Vulnerable Software and Affected Versions: Personal Weather Station Dashboard version 12 lts Description: The issue allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to "/others/ test.php". This can be exploited to read...

5.8CVSS9.2AI score0.02114EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.11 views

Personal Weather Station Dashboard 安全漏洞

Personal Weather Station Dashboard PWSDashboard is a data-rich weather dashboard from the PWSDashboard open source. A security vulnerability exists in Personal Weather Station Dashboard, which stems from a directory traversal vulnerability in /test.php that could lead to reading arbitrary files...

5.8CVSS9AI score0.02114EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/05/07 12:0 a.m.8 views

CVE-2025-47423

Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext...

5.8CVSS5.8AI score0.02114EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/05/07 12:0 a.m.16 views

CVE-2025-47423

Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext...

5.8CVSS0.02114EPSS
Exploits1References2
CVE
CVE
added 2025/05/07 12:0 a.m.94 views

CVE-2025-47423

CVE-2025-47423 affects Personal Weather Station Dashboard (12_lts). A directory traversal fault in /others/_test.php (test parameter) allows unauthenticated remote readers to access arbitrary files, including server private keys. Root cause: insufficient sanitization of the test parameter enablin...

5.8CVSS5.8AI score0.02114EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/02/25 12:0 a.m.7 views

PT-2025-22369

Name of the Vulnerable Software and Affected Versions Smartbedded Meteobridge versions prior to 6.2 Description The Meteobridge web interface is susceptible to a command injection flaw. This allows remote, unauthenticated attackers to execute arbitrary commands with elevated privileges root on...

8.8CVSS8.2AI score0.94666EPSS
Exploits3References66
NVD
NVD
added 2023/07/10 4:15 p.m.16 views

CVE-2023-25478

Cross-Site Request Forgery CSRF vulnerability in Jason Rouet Weather Station plugin = 3.8.12 versions...

8.8CVSS5.8AI score0.00309EPSS
Exploits0References1
OSV
OSV
added 2023/07/10 4:15 p.m.4 views

CVE-2023-25478

Cross-Site Request Forgery CSRF vulnerability in Jason Rouet Weather Station plugin = 3.8.12 versions...

8.8CVSS7.3AI score0.00309EPSS
Exploits0References1
Prion
Prion
added 2023/07/10 4:15 p.m.19 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Jason Rouet Weather Station plugin = 3.8.12 versions...

6.8CVSS8.7AI score0.00309EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/07/10 12:44 p.m.18 views

CVE-2023-25478 WordPress Weather Station Plugin <= 3.8.12 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Jason Rouet Weather Station plugin = 3.8.12 versions...

4.3CVSS9AI score0.00309EPSS
Exploits0References1
CVE
CVE
added 2023/07/10 12:44 p.m.119 views

CVE-2023-25478

CVE-2023-25478 corresponds to a Cross-Site Request Forgery (CSRF) in the Weather Station WordPress plugin, affected versions

8.8CVSS6.5AI score0.00309EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/07/10 12:0 a.m.6 views

Wrodpress Plugin Weather Station 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

8.8CVSS8.1AI score0.00309EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/10 12:0 a.m.7 views

PT-2023-20096 · Unknown · Jason Rouet Weather Station

Name of the Vulnerable Software and Affected Versions: Jason Rouet Weather Station plugin versions = 3.8.12 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on the web...

8.8CVSS8.9AI score0.00309EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/04/25 12:0 a.m.5 views

PT-2023-14639 · Unknown · Pws Personal Weather Station Dashboard

Name of the Vulnerable Software and Affected Versions: PWS Personal Weather Station Dashboard PWS Dashboard version 2012 lts Description: The issue allows remote code execution by injecting PHP code into settings.php. Attacks can use the "PWS printfile.php", "PWS frame text.php", "PWS...

7.2CVSS8.3AI score0.01326EPSS
Exploits1References5
Rows per page
Query Builder