Lucene search
K

174 matches found

OSV
OSV
added 2017/02/13 9:59 p.m.5 views

CVE-2016-8357

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the application...

7.1CVSS5.8AI score0.00943EPSS
Exploits0References2
Prion
Prion
added 2017/02/13 9:59 p.m.11 views

Command injection

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the application...

5.5CVSS7.1AI score0.00943EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/02/13 9:59 p.m.14 views

Hardcoded credentials

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication...

7.5CVSS7.2AI score0.0165EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2017/02/13 9:59 p.m.1 views

CVE-2016-8357

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the application...

7.1CVSS5.6AI score0.00943EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2017/02/13 9:59 p.m.3 views

CVE-2016-8361

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication...

8.6CVSS5.5AI score0.0165EPSS
Exploits0References3
NVD
NVD
added 2017/02/13 9:59 p.m.23 views

CVE-2016-8357

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the application...

7.1CVSS7.5AI score0.00943EPSS
Exploits0References2
Prion
Prion
added 2017/02/13 9:59 p.m.12 views

Cross site request forgery (csrf)

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request CROSS-SITE REQUEST FORGERY...

6.8CVSS7AI score0.00641EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/02/13 9:0 p.m.29 views

CVE-2016-8378

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application's database lacks sufficient safeguards for protecting credentials...

9.6AI score0.01692EPSS
Exploits0References2
CVE
CVE
added 2017/02/13 9:0 p.m.41 views

CVE-2016-8369

The CVE-2016-8369 entry affects Lynxspring JENEsys BAS Bridge versions 1.1.8 and older, with a Cross-Site Request Forgery (CSRF) vulnerability due to insufficient verification that user-submitted requests originated from the legitimate user. This could allow an attacker to perform actions with th...

8.8CVSS8.5AI score0.00641EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/02/13 9:0 p.m.22 views

CVE-2016-8369

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request CROSS-SITE REQUEST FORGERY...

8.7AI score0.00641EPSS
Exploits0References2
CVE
CVE
added 2017/02/13 9:0 p.m.46 views

CVE-2016-8361

CVE-2016-8361 affects Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The root cause is a hard-coded username with no password, enabling an attacker to gain access without authentication to the system. Exploitation could permit unauthenticated access and command execution, consistent with...

8.6CVSS8.5AI score0.0165EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/02/13 9:0 p.m.44 views

CVE-2016-8378

CVE-2016-8378 affects Lynxspring JENEsys BAS Bridge

9.8CVSS9.3AI score0.01692EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/02/13 9:0 p.m.48 views

CVE-2016-8357

The CVE-2016-8357 vulnerability affects Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept them, enabling an attacker with read-only access to cause changes within the application. This is describe...

7.1CVSS6.9AI score0.00943EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/02/13 9:0 p.m.22 views

CVE-2016-8361

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The application uses a hard-coded username with no password allowing an attacker into the system without authentication...

8.7AI score0.0165EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/02/13 9:0 p.m.30 views

CVE-2016-8357

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the application...

6.9AI score0.00943EPSS
Exploits0References2
CNVD
CNVD
added 2016/11/17 12:0 a.m.5 views

Lynxspring JENEsys BAS Bridge Cross-Site Request Forgery Vulnerability

Lynxspring is a US based company.BAS Bridge is a web based SCADA system.BAS servers are deployed in areas such as commercial facilities, manufacturing, energy, water and wastewater systems and many more. A cross-site request forgery vulnerability exists in Lynxspring JENEsys BAS Bridge. Due to th...

8.8CVSS6.8AI score0.00641EPSS
Exploits0References1
CNVD
CNVD
added 2016/11/17 12:0 a.m.5 views

Lynxspring JENEsys BAS Bridge Elevation of Privilege Vulnerability

Lynxspring is a US based company.BAS Bridge is a web based SCADA system.BAS servers are deployed in areas such as commercial facilities, manufacturing, energy, water and wastewater systems and many more. An elevation of privilege vulnerability exists in Lynxspring JENEsys BAS Bridge. An attacker...

7.1CVSS7.2AI score0.00943EPSS
Exploits0References1
CNVD
CNVD
added 2016/11/17 12:0 a.m.4 views

Lynxspring JENEsys BAS Bridge Security Bypass Vulnerability

Lynxspring is a US based company.BAS Bridge is a web based SCADA system.BAS servers are deployed in areas such as commercial facilities, manufacturing, energy, water and wastewater systems and many more. A security bypass vulnerability exists in Lynxspring JENEsys BAS Bridge. An attacker can...

9.8CVSS7.1AI score0.01692EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2016/09/27 8:54 a.m.6 views

bas-rhin.gouv.fr XSS vulnerability

Vulnerable URL: http://www.bas-rhin.gouv.fr/Outils/Glossaire/namefilter/Y%22%3E%3Cmarquee%20onstart=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 11:33 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

6.3AI score
Exploits0
hackapp
hackapp
added 2016/07/05 4:31 p.m.14 views

Tracer™ BAS Operator Suite - WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Tracer™ BAS Operator Suite published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
Rows per page
Query Builder