7 matches found
EUVD-2024-17440
Malicious code in bioql PyPI...
CVE-2024-1706
A vulnerability was determined in ZKTeco ZKBio Access IVS up to 3.3.2. This impacts an unknown function of the component Department Name Search Bar. This manipulation with the input hi causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in ZKTeco ZKBio Access IVS up to 3.3.2. Affected by this issue is some unknown functionality of the component Department Name Search Bar. The manipulation with the input hi leads to cross site scripting. The attack may be launch...
CVE-2024-1706
CVE-2024-1706 affects ZKTeco ZKBio Access IVS up to 3.3.2, specifically the Department Name Search Bar component. The vulnerability is an input-based cross-site scripting (XSS) issue that can be exploited remotely; exploitation requires user interaction. Public disclosures exist. The vendor notes...
CVE-2024-1706 ZKTeco ZKBio Access IVS Department Name Search Bar cross site scripting
A vulnerability was determined in ZKTeco ZKBio Access IVS up to 3.3.2. This impacts an unknown function of the component Department Name Search Bar. This manipulation with the input hi causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly...
The vulnerability of the web platform used for creating ZKBio Access lVS control and access management systems stems from insufficient protection of sensitive data. This allows a malicious actor to gain unauthorized access to the protected information.
The vulnerability of the web platform used for creating ZKBio Access lVS access control and management systems is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability in the web platform used for creating ZKBio Access lVS control and access management systems stems from errors in processing the relative path to the catalog. This allows a hacker to gain access to and read arbitrary files.
The vulnerability of the web platform used for creating ZKBio Access lVS access control and management systems is related to errors in processing the relative path to the catalog. Exploiting this vulnerability could allow a malicious actor to gain read access to arbitrary files...