Lucene search
K

177 matches found

CNNVD
CNNVD
added 2024/06/14 12:0 a.m.3 views

LB-LINK BL-W1210M Security Breach

LB-LINK BL-W1210M is a wireless router from China Bilink LB-LINK. A security vulnerability exists in LB-LINK BL-W1210M v2.0, which stems from incorrect access control...

9.8CVSS6.8AI score0.00539EPSS
Exploits0References2
CVE
CVE
added 2024/06/14 12:0 a.m.44 views

CVE-2024-33374

CVE-2024-33374 affects the LB-LINK BL-W1210M v2.0 router. The issue is an incorrect access control in the UART/Serial interface that allows attackers to reach the root terminal without authentication. The CVSS base score is 9.8 (CRITICAL) with NETWORK attack vector, low complexity, no privileges ...

9.8CVSS7.2AI score0.00539EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.3 views

PT-2024-25222 · Lb Link · Lb-Link Bl-W1210M

Name of the Vulnerable Software and Affected Versions: LB-LINK BL-W1210M version 2.0 Description: The issue concerns the storage of user credentials in plaintext within the router's firmware. This means that sensitive information, such as usernames and passwords, is not encrypted and can be easil...

10CVSS6.2AI score0.00619EPSS
Exploits1References7
Veracode
Veracode
added 2024/04/01 10:6 p.m.21 views

Heap Based Buffer Overflow

gtkwave is vulnerable to Heap Based Buffer Overflow. The vulnerability is due to insufficient bounds checking in the fstReaderIterBlocks2 chaintable parsing functionality using chaintable of FSTBLVCDATA and FSTBLVCDATADYNALIAS , allowing attackers to execute arbitrary code by crafting a specially...

7.8CVSS8AI score0.00416EPSS
Exploits1References3Affected Software1
Openbugbounty
Openbugbounty
added 2024/01/26 5:21 p.m.9 views

bl-earth.jp Improper Access Control vulnerability OBB-3843454

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Prion
Prion
added 2023/11/27 11:15 p.m.16 views

Default credentials

In the module "CSV Feeds PRO" csvfeeds 2.6.1 from Bl Modules for PrestaShop, a guest can download personal information without restriction. Due to too permissive access control which does not force administrator to use password on feeds, a guest can access exports from the module which can lead t...

5CVSS6.9AI score0.00501EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/27 12:0 a.m.35 views

CVE-2023-46355

CVE-2023-46355—CSV Feeds PRO (PrestaShop) affects Bl Modules csvfeeds module prior to version 2.6.1. The root cause is overly permissive access control that does not require an administrator to authenticate when accessing feeds, allowing guests to download exports and potentially leak personal da...

5.3CVSS5.2AI score0.00501EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/10/31 4:15 a.m.18 views

CVE-2023-46356

In the module "CSV Feeds PRO" csvfeeds before 2.6.1 from Bl Modules for PrestaShop, a guest can perform SQL injection. The method SearchApiCsv::getProducts has sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...

9.8CVSS9.8AI score0.00636EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/10/23 12:0 a.m.17 views

Ubuntu 16.04 ESM : bl vulnerability (USN-5159-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5159-1 advisory. It was discovered that bl incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Tenable has extracted the...

6.5CVSS7.2AI score0.02183EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/09/15 1:15 a.m.4 views

CVE-2023-39643

Bl Modules xmlfeeds before v3.9.8 was discovered to contain a SQL injection vulnerability via the component SearchApiXml::Xmlfeeds...

9.8CVSS5.8AI score0.00666EPSS
Exploits1References3
OSV
OSV
added 2023/09/15 1:15 a.m.5 views

CVE-2023-39643

Bl Modules xmlfeeds before v3.9.8 was discovered to contain a SQL injection vulnerability via the component SearchApiXml::Xmlfeeds...

9.8CVSS5.8AI score0.00666EPSS
Exploits1References2
Prion
Prion
added 2023/09/15 1:15 a.m.17 views

Sql injection

Bl Modules xmlfeeds before v3.9.8 was discovered to contain a SQL injection vulnerability via the component SearchApiXml::Xmlfeeds...

7.5CVSS9.7AI score0.00666EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/09/15 12:0 a.m.27 views

CVE-2023-39643

PrestaShop xmlfeeds module (Bl Modules) before version 3.9.8 is vulnerable to SQL injection via the component SearchApiXml::Xmlfeeds(). The issue has a very high impact (CVE-2023-39643) with a CVSS v3.1 base score of 9.8 (Network attack, no authentication, user interaction not required). Affected...

9.8CVSS9.7AI score0.00666EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/09/14 12:0 a.m.3 views

PT-2023-27047 · Unknown · Bl Modules Xmlfeeds

Name of the Vulnerable Software and Affected Versions: Bl Modules xmlfeeds versions prior to 3.9.8 Description: The issue is related to a SQL injection vulnerability. It affects the component SearchApiXml::Xmlfeeds. Recommendations: For versions prior to 3.9.8, update to version 3.9.8 or later to...

9.8CVSS9.7AI score0.00666EPSS
Exploits1References5
Openbugbounty
Openbugbounty
added 2023/05/27 2:18 p.m.5 views

bl-india.com Cross Site Scripting vulnerability OBB-3365180

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
CVE
CVE
added 2023/03/26 12:0 a.m.272 views

CVE-2023-26801

CVE-2023-26801 affects LB-LINK BL-AC1900_2.0 v1.0.1, BL-WR9000 v2.4.9, BL-X26 v1.2.5, and BL-LTE300 v1.0.8. The vulnerability is a command injection via the mac, time1, and time2 parameters in /goform/set_LimitClient_cfg. Root cause involves improper input handling in the /goform/set_LimitClient_...

9.8CVSS9.8AI score0.69663EPSS
In wildExploits1References2Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2023/02/01 12:0 a.m.3 views

VulnCheck KEV: CVE-2023-26801

LB-LINK BL-AC19002.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/setLimitClientcfg...

9.8CVSS7.5AI score0.69663EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.13 views

Ubuntu: Security Advisory (USN-5159-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.02183EPSS
Exploits1References2
Openbugbounty
Openbugbounty
added 2022/08/11 5:48 p.m.13 views

bl-school.com Cross Site Scripting vulnerability OBB-2837308

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSV
added 2022/02/08 10:24 p.m.3 views

USN-5159-1 node-bl vulnerability

It was discovered that bl incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

6.5CVSS6.8AI score0.02183EPSS
Exploits1References2
Rows per page
Query Builder