31 matches found
EUVD-2023-42714
Malicious code in bioql PyPI...
EUVD-2023-42716
Malicious code in bioql PyPI...
EUVD-2023-42718
Malicious code in bioql PyPI...
CVE-2023-38955
ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names...
CVE-2023-38954
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability...
CVE-2023-38956
A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload...
CVE-2023-38958
An access control issue in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to arbitrarily close and open the doors managed by the platform remotely via sending a crafted web request...
ZKTeco BioAccess IVS Cross-Site Scripting Vulnerability
ZKTeco BioAccess IVS is a lite web-based security platform from China-based ZKTeco. A cross-site scripting vulnerability exists in ZKTeco BioAccess IVS 3.3.2 and earlier versions, which stems from cross-site scripting in the component Department Name Search Bar...
ZKTeco BioAccess IVS Access Control Error Vulnerability
ZKTeco BioAccess IVS is a lite web-based security platform from ZKTeco, China. An Access Control Error vulnerability exists in ZKTeco BioAccess IVS v3.3.1, which arises from improper access control and can be exploited by an attacker to arbitrarily close and open the door to the platform...
ZKTeco BioAccess IVS Path Traversal Vulnerability
ZKTeco BioAccess IVS is a lite web-based security platform from ZKTeco, China. A path traversal vulnerability exists in ZKTeco BioAccess IVS v3.3.1, which stems from the program's failure to properly filter special elements in the path of a resource or file, and can be exploited by an attacker to...
CVE-2023-38954
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability...
CVE-2023-38954
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability...
CVE-2023-38955
ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names...
CVE-2023-38958
An access control issue in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to arbitrarily close and open the doors managed by the platform remotely via sending a crafted web request...
CVE-2023-38954
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability...
CVE-2023-38955
ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names...
CVE-2023-38956
A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload...
Path traversal
A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload...
Sql injection
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability...
CVE-2023-38958
An access control issue in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to arbitrarily close and open the doors managed by the platform remotely via sending a crafted web request...