193 matches found
EUVD-2017-18571
Malware in sbrugna...
EUVD-2020-11660
Malware in sbrugna...
EUVD-2018-20428
Malware in sbrugna...
EUVD-2024-49548
Malicious code in bioql PyPI...
EUVD-2024-49547
Malicious code in bioql PyPI...
EUVD-2022-24369
Malicious code in bioql PyPI...
5V Technologies Blue Angel Software Suite 操作系统命令注入漏洞
5V Technologies Blue Angel Software Suite is a management and control software suite deployed on embedded Linux devices from 5V Technologies, Taiwan, China. A security vulnerability exists in 5V Technologies Blue Angel Software Suite that originates from an OS command injection attack due to an...
CVE-2024-8526
A vulnerability in Automated Logic WebCTRL 7.0 could allow an attacker to send a maliciously crafted URL, which when visited by an authenticated WebCTRL user, could result in the redirection of the user to a malicious webpage via "index.jsp"...
CVE-2022-1019
Automated Logic's WebCtrl Server Version 6.1 'Help' index pages are vulnerable to open redirection. The vulnerability allows an attacker to send a maliciously crafted URL which could result in redirecting the user to a malicious webpage or downloading a malicious file...
CVE-2020-19762
Automated Logic Corporation ALC WebCTRL System 6.5 and prior allows remote attackers to execute any JavaScript code via a XSS payload for the first parameter in a GET request...
Automated Logic WebCTRL Premium Server Unrestricted Upload of File with Dangerous Type (CVE-2024-8525)
CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists which could allow an unauthenticated user to upload files of dangerous types without restrictions, leading to remote command execution. This plugin only works with Tenable.ot. Please visit...
Automated Logic WebCTRL Premium Server Unrestricted Upload of File with Dangerous Type (CVE-2024-8525)
CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists which could allow an unauthenticated user to upload files of dangerous types without restrictions, leading to remote command execution. This plugin only works with Tenable.ot. Please visit...
Carrier Corporation i-VU URL Redirection to Untrusted Site (CVE-2024-8526)
CWE-601 URL Redirection to Untrusted Site 'Open Redirect' vulnerability exists which could allow an attacker to send a maliciously crafted URL, which when visited by an authenticated WebCTRL user, results in the redirection of the user to a malicious webpage via 'index.jsp' This plugin only works...
Automated Logic WebCTRL Premium Server Unrestricted Upload of File with Dangerous Type (CVE-2024-8525)
CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists which could allow an unauthenticated user to upload files of dangerous types without restrictions, leading to remote command execution. This plugin only works with Tenable.ot. Please visit...
CVE-2024-8525
An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an unauthenticated user to perform remote command execution via a crafted HTTP POST request which could lead to uploading a malicious file...
CVE-2024-8526
A vulnerability in Automated Logic WebCTRL 7.0 could allow an attacker to send a maliciously crafted URL, which when visited by an authenticated WebCTRL user, could result in the redirection of the user to a malicious webpage via "index.jsp"...
CVE-2024-8525 Automated Logic WebCTRL and Carrier i-Vu Unrestricted File Upload
An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an unauthenticated user to perform remote command execution via a crafted HTTP POST request which could lead to uploading a malicious file...
CVE-2024-8525
CVE-2024-8525 affects Automated Logic WebCTRL 7.0 (Premium Server). The issue is an unrestricted upload of a file with a dangerous type that an unauthenticated attacker can exploit via a crafted HTTP POST to achieve remote command execution and upload of a malicious file. Multiple connected sourc...
CVE-2024-8525 Automated Logic WebCTRL and Carrier i-Vu Unrestricted File Upload
An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an unauthenticated user to perform remote command execution via a crafted HTTP POST request which could lead to uploading a malicious file...
CVE-2024-8526
CVE-2024-8526 affects Automated Logic WebCTRL 7.0. A authenticated WebCTRL user visiting a specially crafted URL can be redirected to a malicious page via the application’s index.jsp, constituting an Open Redirect (CWE-601). The connected sources describe the vulnerability without providing explo...