Lucene search
K

43 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-4358

Malicious code in bioql PyPI...

6.5CVSS8.7AI score0.00251EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/26 3:33 p.m.13 views

CVE-2025-27265

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aaron D. Campbell Google Maps for WordPress google-maps-for-wordpress allows DOM-Based XSS.This issue affects Google Maps for WordPress: from n/a through = 1.0.3...

6.5CVSS7.2AI score0.00251EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/24 2:48 p.m.17 views

CVE-2025-27265 WordPress Google Maps for WordPress plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aaron D. Campbell Google Maps for WordPress google-maps-for-wordpress allows DOM-Based XSS.This issue affects Google Maps for WordPress: from n/a through = 1.0.3...

6.5CVSS0.00251EPSS
Exploits0References1
CVE
CVE
added 2025/02/24 2:48 p.m.55 views

CVE-2025-27265

CVE-2025-27265 corresponds to a DOM-based XSS in Google Maps for WordPress (WordPress plugin) affecting versions up to 1.0.3. The issue is described in connected sources as an Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability caused by improper input neutralization during web...

6.5CVSS7.2AI score0.00251EPSS
Exploits0References1
NVD
NVD
added 2024/05/28 7:15 p.m.25 views

CVE-2024-5434

The Campbell Scientific CSI Web Server stores web authentication credentials in a file with a specific file name. Passwords within that file are stored in a weakly encoded format. There is no known way to remotely access the file unless it has been manually renamed. However, if an attacker were t...

6.9CVSS6.7AI score0.00216EPSS
Exploits0References1
NVD
NVD
added 2024/05/28 7:15 p.m.25 views

CVE-2024-5433

The Campbell Scientific CSI Web Server supports a command that will return the most recent file that matches a given expression. A specially crafted expression can lead to a path traversal vulnerability. This command combined with a specially crafted expression allows anonymous, unauthenticated...

5.3CVSS6.7AI score0.00487EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/28 6:43 p.m.11 views

CVE-2024-5434 Weak Encoding for Password vulnerability in Campbell Scientific CSI Web Server and RTMC

The Campbell Scientific CSI Web Server stores web authentication credentials in a file with a specific file name. Passwords within that file are stored in a weakly encoded format. There is no known way to remotely access the file unless it has been manually renamed. However, if an attacker were t...

6.9CVSS7.1AI score0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/28 6:43 p.m.31 views

CVE-2024-5434 Weak Encoding for Password vulnerability in Campbell Scientific CSI Web Server and RTMC

The Campbell Scientific CSI Web Server stores web authentication credentials in a file with a specific file name. Passwords within that file are stored in a weakly encoded format. There is no known way to remotely access the file unless it has been manually renamed. However, if an attacker were t...

6.9CVSS6.7AI score0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/28 6:39 p.m.28 views

CVE-2024-5433 Path Traversal in Campbell Scientific CSI Web Server and RTMC

The Campbell Scientific CSI Web Server supports a command that will return the most recent file that matches a given expression. A specially crafted expression can lead to a path traversal vulnerability. This command combined with a specially crafted expression allows anonymous, unauthenticated...

5.3CVSS6.7AI score0.00487EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/28 12:0 a.m.7 views

PT-2024-36224 · Campbell Scientific · Campbell Scientific Csi Web Server

Name of the Vulnerable Software and Affected Versions: Campbell Scientific CSI Web Server affected versions not specified Description: The issue concerns the storage of web authentication credentials in a file with a specific name. The passwords in this file are stored in a weakly encoded format,...

6.9CVSS7.3AI score0.00216EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/28 12:0 a.m.9 views

PT-2024-36213 · Campbell Scientific · Campbell Scientific Csi Web Server

Name of the Vulnerable Software and Affected Versions: Campbell Scientific CSI Web Server affected versions not specified Description: The issue allows anonymous, unauthenticated access to files and directories outside of the webserver root directory. This is achieved through a specially crafted...

5.3CVSS7.1AI score0.00487EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/28 12:0 a.m.5 views

Campbell Scientific CSI Web Server 安全漏洞

Campbell Scientific CSI Web Server is a web server from Campbell Scientific. A security vulnerability exists in Campbell Scientific CSI Web Server version 1.6 and prior versions, which originates when the password for a file is stored in a weakly encoded format, which allows an attacker to decode...

6.9CVSS6.9AI score0.00216EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/28 12:0 a.m.5 views

Campbell Scientific CSI Web Server 路径遍历漏洞

Campbell Scientific CSI Web Server is a web server from Campbell Scientific. A path traversal vulnerability exists in Campbell Scientific CSI Web Server version 1.6 and earlier, which originates from a vulnerability that allows an attacker to gain anonymous, unauthenticated access to files and...

5.3CVSS7.1AI score0.00487EPSS
Exploits0References2
HackRead
HackRead
added 2023/12/20 7:57 p.m.28 views

Data Leak Exposes 1.5 Billion Real Estate Records, Including Elon Musk, Kylie Jenner

By Waqas A Campbell, New York-based real estate training platform called Real Estate Wealth Network exposed a massive treasure trove of real estate records due to cloud server misconfiguration. This is a post from HackRead.com Read the original post: Data Leak Exposes 1.5 Billion Real Estate...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/11/20 1:57 a.m.43 views

campbellsci.ca Cross Site Scripting vulnerability OBB-3786845

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.3AI score
Exploits0
OSV
OSV
added 2023/04/18 10:20 p.m.39 views

GHSA-Q2QJ-628G-VHFW Insecure header validation in slim/psr7

Impact An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. An attacker that is able to control the header names that are passed to Slilm-Ps...

6.5CVSS6.1AI score0.00743EPSS
Exploits0References9
NVD
NVD
added 2023/01/26 9:18 p.m.15 views

CVE-2023-0321

Campbell Scientific dataloggers CR6, CR300, CR800, CR1000 and CR3000 may allow an attacker to download configuration files, which may contain sensitive information about the internal network. From factory defaults, the mentioned datalogges have HTTP and PakBus enabled. The devices, with the defau...

9.1CVSS9.2AI score0.00864EPSS
Exploits1References2
Prion
Prion
added 2023/01/26 9:18 p.m.17 views

Default configuration

Campbell Scientific dataloggers CR6, CR300, CR800, CR1000 and CR3000 may allow an attacker to download configuration files, which may contain sensitive information about the internal network. From factory defaults, the mentioned datalogges have HTTP and PakBus enabled. The devices, with the defau...

6.4CVSS8.9AI score0.00864EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/01/26 12:0 a.m.6 views

Campbell Scientific dataloggers 信息泄露漏洞

Campbell Scientific dataloggers CR Series is a line of scientific data loggers from Campbell Scientific. A security vulnerability exists in the Campbell Scientific dataloggers that stems from the fact that they allow an attacker to download configuration files that may contain sensitive informati...

9.1CVSS8.2AI score0.00864EPSS
Exploits1References3
CVE
CVE
added 2023/01/25 12:0 a.m.65 views

CVE-2023-0321

CVE-2023-0321 affects Campbell Scientific dataloggers CR6, CR300, CR800, CR1000 and CR3000. With factory defaults the devices have HTTP and PakBus enabled, and the PakBus port allows downloading, modifying, and uploading configuration files that may contain sensitive internal-network information....

9.1CVSS9.2AI score0.00864EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder