Lucene search
K

94 matches found

OSV
OSV
added 2019/05/23 8:29 p.m.3 views

CVE-2019-10849

Computrols CBAS 18.0.0 allows unprotected Subversion SVN directory / source code disclosure...

7.5CVSS7.2AI score
Exploits0References3
NVD
NVD
added 2019/05/23 8:29 p.m.21 views

CVE-2019-10846

Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter...

6.1CVSS6.4AI score0.04662EPSS
Exploits4References3
OSV
OSV
added 2019/05/23 7:29 p.m.3 views

CVE-2019-10855

Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database...

7.5CVSS7.1AI score0.00998EPSS
Exploits0References2
Prion
Prion
added 2019/05/23 7:29 p.m.22 views

Sql injection

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=startpulling&id= substring...

6.5CVSS9.1AI score0.01751EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2019/05/23 7:29 p.m.24 views

CVE-2019-10852

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=startpulling&id= substring...

8.8CVSS7.4AI score0.01751EPSS
Exploits1References3
NVD
NVD
added 2019/05/23 7:29 p.m.20 views

CVE-2019-10853

Computrols CBAS 18.0.0 allows Authentication Bypass...

8.3CVSS6.8AI score0.0166EPSS
Exploits4References2
Prion
Prion
added 2019/05/23 7:29 p.m.11 views

Default credentials

Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database...

5CVSS7.8AI score0.00998EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/05/23 7:29 p.m.32 views

CVE-2019-10851

Computrols CBAS 18.0.0 has hard-coded encryption keys...

6.5CVSS6.4AI score0.00666EPSS
Exploits0References2
Prion
Prion
added 2019/05/23 7:29 p.m.10 views

Command injection

Computrols CBAS 18.0.0 allows Authenticated Command Injection...

9CVSS8.8AI score0.02991EPSS
Exploits4References2Affected Software1
OSV
OSV
added 2019/05/23 7:29 p.m.4 views

CVE-2019-10852

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=startpulling&id= substring...

8.8CVSS7.4AI score0.01751EPSS
Exploits1References3
Prion
Prion
added 2019/05/23 7:29 p.m.12 views

Authentication flaw

Computrols CBAS 18.0.0 allows Authentication Bypass...

8.3CVSS8.5AI score0.0166EPSS
Exploits4References2Affected Software1
OSV
OSV
added 2019/05/23 7:29 p.m.4 views

CVE-2019-10851

Computrols CBAS 18.0.0 has hard-coded encryption keys...

6.5CVSS6.8AI score0.00666EPSS
Exploits0References2
NVD
NVD
added 2019/05/23 7:29 p.m.24 views

CVE-2019-10854

Computrols CBAS 18.0.0 allows Authenticated Command Injection...

9CVSS7AI score0.02991EPSS
Exploits4References2
Prion
Prion
added 2019/05/23 7:29 p.m.13 views

Hardcoded credentials

Computrols CBAS 18.0.0 has hard-coded encryption keys...

4CVSS7AI score0.00666EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/05/23 7:29 p.m.3 views

CVE-2019-10854

Computrols CBAS 18.0.0 allows Authenticated Command Injection...

8.8CVSS7.3AI score0.02991EPSS
Exploits4References2
CVE
CVE
added 2019/05/23 7:14 p.m.80 views

CVE-2019-10846

CVE-2019-10846 affects Computrols CBAS Web (versions prior to fixed 19.0.1/18.0.1 etc.). It describes an Unauthenticated Reflected Cross-Site Scripting vulnerability in the login and password-reset pages via the username GET parameter. Impact per sources is client-side script execution in a user’...

6.1CVSS6.3AI score0.04662EPSS
Exploits4References3Affected Software1
Cvelist
Cvelist
added 2019/05/23 7:14 p.m.31 views

CVE-2019-10846

Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter...

6.4AI score0.04662EPSS
Exploits4References3
CVE
CVE
added 2019/05/23 7:5 p.m.118 views

CVE-2019-10849

CBAS Web (Computrols CBAS) 19.0.0 is affected by an information-disclosure vulnerability due to an unprotected Subversion/SVN directory that can disclose the firmware source code. The Red Hat advisory and exploit reports confirm the issue affects CBAS Web and maps to CVE-2019-10849, with an impac...

7.5CVSS7.4AI score0.09012EPSS
Exploits4References3Affected Software1
Cvelist
Cvelist
added 2019/05/23 7:5 p.m.38 views

CVE-2019-10849

Computrols CBAS 18.0.0 allows unprotected Subversion SVN directory / source code disclosure...

7.5AI score0.09012EPSS
Exploits4References3
Cvelist
Cvelist
added 2019/05/23 7:3 p.m.22 views

CVE-2019-10850

Computrols CBAS 18.0.0 has Default Credentials...

9.5AI score0.01949EPSS
Exploits0References2
Rows per page
Query Builder