22 matches found
CVE-2022-35134
Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting XSS vulnerability...
EUVD-2022-38032
Malicious code in bioql PyPI...
CVE-2022-35135
Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges via a crafted request sent to /api/user/upsert/...
CVE-2022-35136
Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests...
CVE-2022-35136
Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests...
CVE-2022-35134
Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting XSS vulnerability...
CVE-2022-35135
Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges via a crafted request sent to /api/user/upsert/...
Design/Logic Flaw
Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests...
Cross site scripting
Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting XSS vulnerability...
Design/Logic Flaw
Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges via a crafted request sent to /api/user/upsert/...
CVE-2022-35136
Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests...
CVE-2022-35136
CVE-2022-35136 affects Boodskap IoT Platform v4.4.9-02. The issue allows attackers to make unauthenticated API requests, with the CVSS 3.1 vector indicating network access, low attack complexity, and a low privileges requirement, but high integrity impact (I:H). Public references identify /api en...
CVE-2022-35135
Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges via a crafted request sent to /api/user/upsert/...
Boodskap IoT Platform 访问控制错误漏洞
Boodskap IoT Platform is an IoT platform from Boodskap. A security vulnerability exists in Boodskap IoT Platform version v4.4.9-02, which can be exploited by an attacker to issue unauthenticated API requests...
CVE-2022-35134
The CVE-2022-35134 case concerns Boodskap IoT Platform v4.4.9-02, with a cross-site scripting (XSS) vulnerability in the web application. The connected documents identify the affected product/version and attribute the root cause to insufficient input validation and output cleanup across multiple ...
CVE-2022-35135
CVE-2022-35135 affects Boodskap IoT Platform v4.4.9-02. A crafted request to /api/user/upsert/ can escalate privileges (network, low attack complexity, low privileges required, no user interaction). The CVSSv3.1 base score is 8.8 (HIGH) with impacts to confidentiality, integrity, and availability...
CVE-2022-35135
Boodskap IoT Platform v4.4.9-02 allows attackers to escalate privileges via a crafted request sent to /api/user/upsert/...
CVE-2022-35134
Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting XSS vulnerability...
CVE-2022-35136
Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests...
CVE-2022-35134
Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting XSS vulnerability...