46 matches found
EUVD-2021-29810
Malicious code in bioql PyPI...
EUVD-2021-29809
Malicious code in bioql PyPI...
EUVD-2021-29812
Malicious code in bioql PyPI...
EUVD-2021-29743
Malicious code in bioql PyPI...
EUVD-2021-29742
Malicious code in bioql PyPI...
EUVD-2021-29808
Malicious code in bioql PyPI...
Aternity SteelCentral AppInternals has an unspecified vulnerability
Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity USA, Inc. Providing Application Performance Monitoring APM and diagnostics, a security vulnerability exists in Aternity SteelCentral AppInternals, which stems from a configuration file that can map the...
Aternity SteelCentral AppInternals Directory Traversal Vulnerability (CNVD-2022-22671)
Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A directory traversal vulnerability exists in Aternity SteelCentral AppInternals, which stems from /api/appInternals/1.0/agent/da/pcf that does not perform any validation of user input that allows...
Aternity SteelCentral AppInternals Directory Traversal Vulnerability (CNVD-2022-22670)
Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A directory traversal vulnerability exists in Aternity SteelCentral AppInternals, which stems from the fact that /api/appInternals/1.0/plugin/pmx does not perform any validation of user input that...
Aternity SteelCentral AppInternals跨站脚本漏洞
Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A cross-site scripting vulnerability exists in Aternity SteelCentral AppInternals, which can be exploited by remote attackers to inject malicious script or HTML code...
Aternity SteelCentral AppInternals目录遍历漏洞
Aternity SteelCentral AppInternals is a monitoring modern automation solution from Aternity, Inc. A directory traversal vulnerability exists in Aternity SteelCentral AppInternals, which can be exploited by remote attackers to submit special requests that can write in the application context syste...
CVE-2021-42857
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API. The affected endpoint does not have any validation of the user's input that allows a malicious payload to be...
CVE-2021-42857
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API. The affected endpoint does not have any validation of the user's input that allows a malicious payload to be...
CVE-2021-42855
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA uses the ".debugcommand.config" file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the "/api/appInternals/1.0/agent/configuration" API to map t...
CVE-2021-42855
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA uses the ".debugcommand.config" file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the "/api/appInternals/1.0/agent/configuration" API to map t...
CVE-2021-42853
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDiagnosticServlet has directory traversal vulnerability at the "/api/appInternals/1.0/agent/diagnostic/logs" API. The affected endpoint does not have any input validation of the user's input that allows a...
CVE-2021-42853
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentDiagnosticServlet has directory traversal vulnerability at the "/api/appInternals/1.0/agent/diagnostic/logs" API. The affected endpoint does not have any input validation of the user's input that allows a...
CVE-2021-42854
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA PluginServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/plugin/pmx" API. The affected endpoint does not have any input validation of the user's input that allows a malicious payload to be...
CVE-2021-42786
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent DSA has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not have any input validation of the user's input that allowed a malicious payload to be injected...
CVE-2021-42787
It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's DSA AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the user's input that allows a...