Lucene search
+L

216 matches found

NVD
NVD
added 2023/06/11 2:15 p.m.26 views

CVE-2023-22583

The Danfoss AK-EM100 web forms allow for SQL injection in the login forms...

10CVSS10AI score0.00755EPSS
Exploits0References4
OSV
OSV
added 2023/06/11 2:15 p.m.7 views

CVE-2023-25911

The Danfoss AK-EM100 web applications allow for an authenticated user to perform OS command injection through the web application parameters...

8.8CVSS5.8AI score0.02302EPSS
Exploits0References4
OSV
OSV
added 2023/06/11 2:15 p.m.6 views

CVE-2023-22583

The Danfoss AK-EM100 web forms allow for SQL injection in the login forms...

9.8CVSS5.8AI score0.00755EPSS
Exploits0References4
OSV
OSV
added 2023/06/11 2:15 p.m.8 views

CVE-2023-22586

The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter...

7.5CVSS5.8AI score0.00669EPSS
Exploits0References4
OSV
OSV
added 2023/06/11 2:15 p.m.7 views

CVE-2023-22584

The Danfoss AK-EM100 stores login credentials in cleartext...

7.5CVSS7.1AI score0.00453EPSS
Exploits0References4
NVD
NVD
added 2023/06/11 2:15 p.m.22 views

CVE-2023-22585

The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting in the title parameter...

9CVSS8.6AI score0.00598EPSS
Exploits0References4
NVD
NVD
added 2023/06/11 2:15 p.m.19 views

CVE-2023-22582

The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting...

9CVSS9.2AI score0.00598EPSS
Exploits0References4
OSV
OSV
added 2023/06/11 2:15 p.m.10 views

CVE-2023-22585

The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting in the title parameter...

6.1CVSS6.4AI score0.00598EPSS
Exploits0References4
OSV
OSV
added 2023/06/11 2:15 p.m.11 views

CVE-2023-22582

The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting...

6.1CVSS6.4AI score0.00598EPSS
Exploits0References4
OSV
OSV
added 2023/06/11 2:15 p.m.10 views

CVE-2023-25912

The webreport generation feature in the Danfoss AK-EM100 allows an unauthorized actor to generate a web report that discloses sensitive information such as the internal IP address, usernames and internal device values...

5.3CVSS5.8AI score0.006EPSS
Exploits0References4
Prion
Prion
added 2023/06/11 2:15 p.m.20 views

Command injection

The Danfoss AK-EM100 web applications allow for OS command injection through the web application parameters...

7.5CVSS9.8AI score0.02302EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/06/11 2:15 p.m.20 views

Cross site scripting

The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting in the title parameter...

5.8CVSS6.2AI score0.00598EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/06/11 2:15 p.m.20 views

Sql injection

The Danfoss AK-EM100 web forms allow for SQL injection in the login forms...

7.5CVSS9.8AI score0.00755EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/06/11 2:15 p.m.21 views

Remote file inclusion

The Danfoss AK-EM100 web applications allow for Local File Inclusion in the file parameter...

5CVSS7.6AI score0.00669EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/11 1:17 p.m.12 views

CVE-2023-22582 Reflected Cross-Site Scripting in Danfoss AK-EM100

The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting...

9CVSS7AI score0.00598EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/11 1:17 p.m.10 views

CVE-2023-22583 SQL Injection in Danfoss AK-EM100

The Danfoss AK-EM100 web forms allow for SQL injection in the login forms...

10CVSS8.3AI score0.00755EPSS
Exploits0References2
CVE
CVE
added 2023/06/11 1:17 p.m.49 views

CVE-2023-25911

CVE-2023-25911 describes an authenticated OS command injection in Danfoss AK-EM100 web applications, exploitable via web-application parameters. Multiple connected sources confirm the issue and the impact (high/critical) with network access and low attack complexity, requiring low privileges and ...

9.9CVSS9.8AI score0.02302EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/11 1:17 p.m.15 views

CVE-2023-25911 Authenticated OS Command Injection in Danfoss AK-EM100

The Danfoss AK-EM100 web applications allow for an authenticated user to perform OS command injection through the web application parameters...

9.9CVSS9.7AI score0.02302EPSS
Exploits0References2
CVE
CVE
added 2023/06/11 1:17 p.m.44 views

CVE-2023-22583

CVE-2023-22583 affects the Danfoss AK-EM100 web-forms login functionality. The issue is an SQL injection vulnerability in the login forms, enabling potential unauthorized data access or manipulation. The core details across connected documents confirm the affected software (Danfoss AK-EM100 web i...

10CVSS10AI score0.00755EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/06/11 1:17 p.m.30 views

CVE-2023-22583 SQL Injection in Danfoss AK-EM100

The Danfoss AK-EM100 web forms allow for SQL injection in the login forms...

10CVSS10AI score0.00755EPSS
Exploits0References2
Rows per page
Query Builder