EUVD-2014-2744

Malware in sbrugna...

EUVD-2014-9229

Malware in sbrugna...

MAL-2025-9799 Malicious code in @zalastax/nolb-_b4 (npm)

The package @zalastax/nolb-b4 was found to contain malicious code...

MeterSphere 路径遍历漏洞

MeterSphere is MeterSphere open source one-stop open source continuous testing platform. A path traversal vulnerability exists in Metersphere version v2.10.0-lts-b4. An attacker exploiting this vulnerability could overwrite files that the Metersphere process is authorized to access...

b4.gg Cross Site Scripting vulnerability OBB-1335303

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

CVE-2014-2716

Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System RTLS Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts...

Code injection

Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System RTLS Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts...

Code injection

Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System RTLS Controller 6.0.5-FINAL, and Activator 3 uses part of the MAC address as part of the RC4 setup key, which makes it easier for remote attackers to guess the key via a brute-force attack...

CVE-2014-2716

Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System RTLS Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts...

CVE-2014-9408

Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System RTLS Controller 6.0.5-FINAL, and Activator 3 uses part of the MAC address as part of the RC4 setup key, which makes it easier for remote attackers to guess the key via a brute-force attack...

CVE-2014-2716

The CVE-2014-2716 entry concerns Ekahau Real-Time Location System components (B4 staff badge tag v5.7, firmware 1.4.52; RTLS Controller v6.0.5-FINAL; Activator 3) where RC4 cipher streams are reused across messages. Modzero’s advisory details two vulnerabilities: (1) RC4 stream reuse enabling an ...

CVE-2014-9408

The CVE-2014-9408 entry concerns Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, RTLS Controller 6.0.5-FINAL, and Activator 3, where parts of the MAC address are used in the RC4 setup key. This design allows brute-force guessing of the key by remote attackers, per the provided records. The co...

Joomla GroupJive 1.8 B4 Remote File Inclusion

Exploit for unknown platform in category web applications ============================================= Joomla GroupJive 1.8 B4 Remote File Inclusion ============================================= Joomla Component groupjive 1.8 B4 RFI Vulnerability Author : M3NW5 Location : INDONESIA Achievo 1.3.4...

Joomla GroupJive 1.8 B4 Remote File Inclusion

Joomla Component groupjive 1.8 B4 RFI Vulnerability Author : M3NW5 Homepage : http://www.indonesiancoder.com contach : [email protected] Location : INDONESIA Achievo 1.3.4 Information Vendor : http://www.groupjive.org/ Scripts : http://forge.joomlapolis.com/projects/listfiles/groupjive File :...