41 matches found
Altenergy Power Control Software - SQL Injection
A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...
Altenergy Power Control Software C1.2.5 - Remote Command Injection
Altenergy Power Control Software C1.2.5 is susceptible to remote command injection via shell metacharacters in the index.php/management/settimezone parameter, because of settimezone in models/managementmodel.php. An attacker can potentially obtain sensitive information, modify data, and/or execut...
CVE-2023-31502
Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution RCE vulnerability via the component /models/managementmodel.php...
EUVD-2023-35807
Malicious code in bioql PyPI...
EUVD-2024-33718
Malicious code in bioql PyPI...
CVE-2024-11305
A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...
CVE-2024-11306
A vulnerability, which was classified as critical, has been found in Altenergy Power Control Software up to 20241108. This issue affects some unknown processing of the file /index.php/display/database/. The manipulation leads to improper authorization. The attack may be initiated remotely. The...
CVE-2023-28343
OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/settimezone timezone parameter, because of settimezone in models/managementmodel.php...
VulnCheck KEV: CVE-2024-11305
A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...
CVE-2024-11306
A vulnerability, which was classified as critical, has been found in Altenergy Power Control Software up to 20241108. This issue affects some unknown processing of the file /index.php/display/database/. The manipulation leads to improper authorization. The attack may be initiated remotely. The...
CVE-2024-11306
The CVE-2024-11306 entry concerns Altenergy Power Control Software up to 20241108 where an improper authorization vulnerability exists in the /index.php/display/database/ endpoint. A remote attacker could exploit this to gain unauthorized processing access; the exploit has been disclosed publicly...
CVE-2024-11306 Altenergy Power Control Software database improper authorization
A vulnerability, which was classified as critical, has been found in Altenergy Power Control Software up to 20241108. This issue affects some unknown processing of the file /index.php/display/database/. The manipulation leads to improper authorization. The attack may be initiated remotely. The...
CVE-2024-11306 Altenergy Power Control Software database improper authorization
A vulnerability, which was classified as critical, has been found in Altenergy Power Control Software up to 20241108. This issue affects some unknown processing of the file /index.php/display/database/. The manipulation leads to improper authorization. The attack may be initiated remotely. The...
CVE-2024-11305
A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...
CVE-2024-11305
Altenergy Power Control Software contains a SQL injection in the get_status_zigbee function (file /index.php/display/status_zigbee) index parameter date. The vulnerability affects versions up to 20241108 and can be exploited remotely. The nuclei template specifies that authenticated attackers cou...
CVE-2024-11305 Altenergy Power Control Software status_zigbee get_status_zigbee sql injection
A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...
CVE-2024-11305 Altenergy Power Control Software status_zigbee get_status_zigbee sql injection
A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...
Altenergy Power System Control Software 注入漏洞
Altenergy Power System Control Software is microinverter control software from Altenergy Power System. An injection vulnerability exists in Altenergy Power Control Software 20241108 and prior versions that stems from an improper authorization issue in the file /index.php/display/database/...
Altenergy Power System Control Software 注入漏洞
Altenergy Power System Control Software is microinverter control software from Altenergy Power System. An injection vulnerability exists in Altenergy Power System Control Software version 20241108 and prior versions, which stems from an SQL injection in parameter date...
PT-2024-16898 · Unknown · Altenergy Power Control
Name of the Vulnerable Software and Affected Versions: Altenergy Power Control Software versions up to 20241108 Description: A critical issue has been found in the software, affecting some unknown processing of the file /index.php/display/database/, leading to improper authorization. The attack m...