88 matches found
EUVD-2022-27672
Malicious code in bioql PyPI...
EUVD-2022-27668
Malicious code in bioql PyPI...
EUVD-2022-33254
Malicious code in bioql PyPI...
EUVD-2022-33250
Malicious code in bioql PyPI...
EUVD-2022-33253
Malicious code in bioql PyPI...
EUVD-2022-33249
Malicious code in bioql PyPI...
EUVD-2022-33251
Malicious code in bioql PyPI...
EUVD-2022-27669
Malicious code in bioql PyPI...
EUVD-2022-27670
Malicious code in bioql PyPI...
CVE-2022-28816
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy is prone to reflected XSS which only affects the Sentilo service...
CVE-2022-28815
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy server was discovered to contain a SQL injection vulnerability allowing an attacker to query other tables of the Sentilo service...
Command Execution Vulnerability in the Management Panel of Car Park Server of Xiamen KTO Communication Technology Co.
Xiamen KTO Communication Technology Co., Ltd. is a professional smart parking solution provider, focusing on the smart parking industry for many years. A command execution vulnerability exists in the management panel of the car park server of Xiamen KTO Communication Technology Co. Ltd, which can...
CVE-2022-28814
Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered to be vulnerable to a relative path traversal vulnerability which enables remote attackers to read arbitrary files and gain full control of the device...
CVE-2022-28811
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could utilize an improper input validation on an API-submitted parameter to execute arbitrary OS commands...
CVE-2022-28813
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of an SQL-injection to gain access to a volatile temporary database with the current states of the device...
CVE-2022-22526
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing authentication allows for full access via API...
CVE-2022-22524
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an unauthenticated remote attacker could utilize a SQL-Injection vulnerability to gain full database access, modify users and stop services...
CVE-2022-22523
An improper authentication vulnerability exists in the Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 Web-App which allows an authentication bypass to the context of an unauthorised user if free-access is disabled...
CVE-2022-22526
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing authentication allows for full access via API...
CVE-2022-28816
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy is prone to reflected XSS which only affects the Sentilo service...