84 matches found
EUVD-2019-5965
Malware in sbrugna...
EUVD-2019-5963
Malware in sbrugna...
EUVD-2012-1085
Malware in sbrugna...
EUVD-2024-19704
Malicious code in bioql PyPI...
CVE-2024-22108
An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method setTermsHashAction at /opt/webapp/lib/PureApi/CCApi.class.php is vulnerable to an unauthenticated SQL injection via /ccapi.php that an attacker can abuse in order to change the Administrator password to a known value...
CVE-2024-22107
An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method systemSettingsDnsDataAction at /opt/webapp/src/AppBundle/Controller/React/SystemSettingsController.php is vulnerable to command injection via the /old/react/v1/api/system/dns/data endpoint. An authenticated attacker can...
The vulnerability of the setTermsHashAction method in the component /opt/webapp/lib/PureApi/CCApi.class.php allows a violator to execute arbitrary SQL queries within the GTB Central Console’s DLP system.
The vulnerability of the setTermsHashAction method in the /opt/webapp/lib/PureApi/CCApi.class.php file of the DLP system’s GTB Central Console relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL...
CVE-2024-22108
An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method setTermsHashAction at /opt/webapp/lib/PureApi/CCApi.class.php is vulnerable to an unauthenticated SQL injection via /ccapi.php that an attacker can abuse in order to change the Administrator password to a known value...
CVE-2024-22107
An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method systemSettingsDnsDataAction at /opt/webapp/src/AppBundle/Controller/React/SystemSettingsController.php is vulnerable to command injection via the /old/react/v1/api/system/dns/data endpoint. An authenticated attacker can...
CVE-2024-22108
An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method setTermsHashAction at /opt/webapp/lib/PureApi/CCApi.class.php is vulnerable to an unauthenticated SQL injection via /ccapi.php that an attacker can abuse in order to change the Administrator password to a known value...
Sql injection
An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method setTermsHashAction at /opt/webapp/lib/PureApi/CCApi.class.php is vulnerable to an unauthenticated SQL injection via /ccapi.php that an attacker can abuse in order to change the Administrator password to a known value...
Command injection
An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method systemSettingsDnsDataAction at /opt/webapp/src/AppBundle/Controller/React/SystemSettingsController.php is vulnerable to command injection via the /old/react/v1/api/system/dns/data endpoint. An authenticated attacker can...
CVE-2024-22108
An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method setTermsHashAction at /opt/webapp/lib/PureApi/CCApi.class.php is vulnerable to an unauthenticated SQL injection via /ccapi.php that an attacker can abuse in order to change the Administrator password to a known value...
CVE-2024-22108
Summary: GTB Central Console 15.17.1-30814.NG is affected by an unauthenticated SQL injection in the function setTermsHashAction (PureApi/CCApi.class.php) reachable via /ccapi.php. This can allow an attacker to change the Administrator password to a known value. Impact: cryptographic and admin cr...
CVE-2024-22108
An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method setTermsHashAction at /opt/webapp/lib/PureApi/CCApi.class.php is vulnerable to an unauthenticated SQL injection via /ccapi.php that an attacker can abuse in order to change the Administrator password to a known value...
GTB Central Console Security Vulnerability
GTB Technologies GTB Central Console is a security solution component or tool from GTB Technologies. A security vulnerability exists in GTB Central Console version 15.17.1-30814.NG. An attacker can exploit this vulnerability to inject arbitrary commands and compromise the platform...
CVE-2024-22107
GTB Central Console 15.17.1-30814.NG is affected by a command-injection vulnerability in the systemSettingsDnsDataAction method of SystemSettingsController.php, exploitable via the /old/react/v1/api/system/dns/data endpoint. An authenticated attacker can inject arbitrary commands to compromise th...
CVE-2024-22107
An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method systemSettingsDnsDataAction at /opt/webapp/src/AppBundle/Controller/React/SystemSettingsController.php is vulnerable to command injection via the /old/react/v1/api/system/dns/data endpoint. An authenticated attacker can...
GTB Central Console Security Vulnerability
GTB Technologies GTB Central Console is a security solution component or tool from GTB Technologies. A security vulnerability exists in GTB Central Console version 15.17.1-30814.NG. An attacker can exploit the vulnerability to change the administrator password to a known value...
PT-2024-2067 · Unknown · Gtb Central Console
Name of the Vulnerable Software and Affected Versions: GTB Central Console version 15.17.1-30814.NG Description: An issue was discovered in the GTB Central Console, where the method systemSettingsDnsDataAction at /opt/webapp/src/AppBundle/Controller/React/SystemSettingsController.php is vulnerabl...