20 matches found
EUVD-2023-44298
Malicious code in bioql PyPI...
EUVD-2023-44299
Malicious code in bioql PyPI...
CVE-2023-3654
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a origin bypass via the host header in an HTTP request. This vulnerability can be triggered by an HTTP endpoint exposed to the network...
Cross site request forgery (csrf)
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a origin bypass via the host header in an HTTP request. This vulnerability can be triggered by an HTTP endpoint exposed to the network...
CVE-2023-3656
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by an unauthenticated remote code execution vulnerability. This vulnerability can be triggered by an HTTP endpoint exposed to the network...
CVE-2023-3655
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database system settings, user accounts,.... This vulnerability can be triggered by an HTTP endpoint exposed to the...
CVE-2023-3655
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database system settings, user accounts,.... This vulnerability can be triggered by an HTTP endpoint exposed to the...
Remote code execution
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by an unauthenticated remote code execution vulnerability. This vulnerability can be triggered by an HTTP endpoint exposed to the network...
Code injection
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database system settings, user accounts,.... This vulnerability can be triggered by an HTTP endpoint exposed to the...
CVE-2023-3654 Origin Check Bypass
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a origin bypass via the host header in an HTTP request. This vulnerability can be triggered by an HTTP endpoint exposed to the network...
CVE-2023-3654
CVE-2023-3654 affects cashIT! devices from PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH up to version 2023.02.37. The issue is an origin bypass via the HTTP Host header, triggered by an HTTP endpoint exposed to the network. The root cause is a host-header-based origin check bypass, enabling u...
CVE-2023-3655 Unauthenticated Remote Database Exfiltration
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database system settings, user accounts,.... This vulnerability can be triggered by an HTTP endpoint exposed to the...
CVE-2023-3655
The CVE-2023-3655 entry concerns cashIT! - serving solutions on devices running version 03.A06rks 2023.02.37. Connected PT-2023-25621 details indicate the vulnerability allows leakage of the database (including system settings and user accounts) via an HTTP endpoint exposed to the network. No exp...
CVE-2023-3656 Unauthenticated Remote Code Execution
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by an unauthenticated remote code execution vulnerability. This vulnerability can be triggered by an HTTP endpoint exposed to the network...
CVE-2023-3656
CVE-2023-3656 affects cashIT! – serving solutions from PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH. The vulnerability is an unauthenticated remote code execution triggered by an exposed HTTP endpoint. Affected versions are up to 03.A06rks 2023.02.37. The CVSS v3.1 score is 9.8 (CRITICAL), wi...
cashIT Security Breach
cashIT is an old cell phone recycling website by cashIT India. cashIT suffers from a security vulnerability that stems from a database disclosure system settings, user accounts, etc. that can be triggered via HTTP endpoints exposed to the network...
PT-2023-25621 · Pos/ Dienstleistung · Cashit!
Name of the Vulnerable Software and Affected Versions: cashIT! - serving solutions versions to 03.A06rks 2023.02.37 Description: The issue affects devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" and allows for the leakage of the database, including system settings and user account...
cashIT Access Control Error Vulnerability
cashIT is an old cell phone recycling website by cashIT India. cashIT suffers from an Access Control Error vulnerability that originates from an origin bypass via the host header in HTTP requests...
PT-2023-25623 · Pos/ Dienstleistung · Cashit!
Name of the Vulnerable Software and Affected Versions: cashIT! - serving solutions versions from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 Description: The issue is an unauthenticated remote code execution vulnerability that can be triggered by an HTTP endpoint...
cashIT Code Injection Vulnerability
cashIT is an old cell phone recycling website by cashIT India. cashIT suffers from a code injection vulnerability that originates from the ability to execute remote code via an HTTP endpoint exposed to the network...