28 matches found
EUVD-2024-17064
Malicious code in bioql PyPI...
EUVD-2024-17062
Malicious code in bioql PyPI...
CVE-2024-1301
SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. A remote attacker could send a specially crafted SQL query to the server via the jusername parameter and retrieve the information stored in the database...
CVE-2024-1304
Cross-site scripting vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows a remote attacker to send a specially crafted javascript payload to an authenticated user and partially hijack their browser session...
CVE-2024-1301
SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. A remote attacker could send a specially crafted SQL query to the server via the jusername parameter and retrieve the information stored in the database...
CVE-2024-1302
Information exposure vulnerability in Badger Meter Monitool affecting versions up to 4.6.3 and earlier. A local attacker could change the application's file parameter to a log file obtaining all sensitive information such as database credentials...
CVE-2024-1304
Cross-site scripting vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows a remote attacker to send a specially crafted javascript payload to an authenticated user and partially hijack their browser session...
CVE-2024-1303
Incorrectly limiting the path to a restricted directory vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows an authenticated attacker to retrieve any file from the device using the download-file functionality...
CVE-2024-1303
Incorrectly limiting the path to a restricted directory vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows an authenticated attacker to retrieve any file from the device using the download-file functionality...
Information disclosure
Information exposure vulnerability in Badger Meter Monitool affecting versions up to 4.6.3 and earlier. A local attacker could change the application's file parameter to a log file obtaining all sensitive information such as database credentials...
Cross site scripting
Cross-site scripting vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows a remote attacker to send a specially crafted javascript payload to an authenticated user and partially hijack their browser session...
Sql injection
SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. A remote attacker could send a specially crafted SQL query to the server via the jusername parameter and retrieve the information stored in the database...
Design/Logic Flaw
Incorrectly limiting the path to a restricted directory vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows an authenticated attacker to retrieve any file from the device using the download-file functionality...
CVE-2024-1304
CVE-2024-1304 affects Badger Meter Monitool up to version 4.6.3 and earlier. The vulnerability is a cross-site scripting issue allowing a remote attacker to deliver a crafted JavaScript payload to an authenticated user, potentially hijacking the user’s browser session (partial impact on integrity...
CVE-2024-1304 Multiple Vulnerabilities in Badger Meter's Monitool
Cross-site scripting vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows a remote attacker to send a specially crafted javascript payload to an authenticated user and partially hijack their browser session...
CVE-2024-1303 Multiple Vulnerabilities in Badger Meter's Monitool
Incorrectly limiting the path to a restricted directory vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows an authenticated attacker to retrieve any file from the device using the download-file functionality...
CVE-2024-1303 Multiple Vulnerabilities in Badger Meter's Monitool
Incorrectly limiting the path to a restricted directory vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows an authenticated attacker to retrieve any file from the device using the download-file functionality...
CVE-2024-1303
CVE-2024-1303 affects Badger Meter Monitool prior to 4.6.3. The root cause is an incorrect restriction that allows path traversal in the download-file function, enabling an authenticated attacker to retrieve arbitrary files from the device. Affected component: Monitool on compatible Badger Meter ...
CVE-2024-1302
CVE-2024-1302 affects Badger Meter Monitool up to version 4.6.3 and earlier. The vulnerability allows a local attacker to manipulate the application’s file parameter to point to a log file, leading to exposure of sensitive data such as database credentials. Documents consistently describe an info...
CVE-2024-1302 Multiple Vulnerabilities in Badger Meter's Monitool
Information exposure vulnerability in Badger Meter Monitool affecting versions up to 4.6.3 and earlier. A local attacker could change the application's file parameter to a log file obtaining all sensitive information such as database credentials...