WeGIA 安全漏洞

WeGIA is a network manager for welfare institutions developed by Nilson Lazarin as an individual project. Versions of WeGIA prior to 3.6.5 contained security vulnerabilities. These vulnerabilities stemmed from the adicionartipodocsatendido.php script not being processed through a central...

The vulnerability of the centralized control system for network devices and ports of Advantech iView, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the centralized control system for network devices and ports of Advantech iView is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...

CVE-2024-24257

An issue in skteco.com Central Control Attendance Machine web management platform v.3.0 allows an attacker to obtain sensitive information via a crafted script to the csl/user component...

The vulnerability of the device management consoles (AMS) and central control consoles (SMM) of the SonicWall SMA 1000 series microprogrammed network interface controllers allows attackers to execute arbitrary operating system commands.

The vulnerability of the device management consoles AMS and central control consoles SMM of SonicWall’s SMA 1000 series microprogrammed network interface controllers is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability could allow a remote attacker to execute...

CVE-2024-24257

An issue in skteco.com Central Control Attendance Machine web management platform v.3.0 allows an attacker to obtain sensitive information via a crafted script to the csl/user component...

CVE-2024-24257

An issue in skteco.com Central Control Attendance Machine web management platform v.3.0 allows an attacker to obtain sensitive information via a crafted script to the csl/user component...

PT-2024-20328 · Skteco.Com · Skteco.Com Central Control Attendance Machine Web Management Platform

Name of the Vulnerable Software and Affected Versions: skteco.com Central Control Attendance Machine web management platform version 3.0 Description: The issue allows an attacker to obtain sensitive information via a crafted script to the "csl/user" component. Recommendations: For version 3.0,...

CVE-2024-24257

The CVE-2024-24257 entry concerns skteco.com Central Control Attendance Machine Web Management Platform (v3.0). The vulnerability is described as an Information Disclosure: a crafted script targeting the csl/user component may allow an attacker to obtain sensitive information. Concrete technical ...

ZKTeco Central Control Attendance Machine Web Management Platform 安全漏洞

ZKTeco Central Control Attendance Machine Web Management Platform is a centralized control time and attendance machine web management platform from ZKTeco, China. A security vulnerability exists in Zkteco Central Control Attendance Machine Web Management Platform version v.3.0. An attacker can...

Siemens SICAM TOOLBOX II Critical Resource Privilege Assignment Error Vulnerability

SICAM TOOLBOX II is an engineering solution for plants and systems of all sizes. It allows data collection, data modeling, configuration and parameterization. It is used for process information engineering of automation and central control room systems. Siemens SICAM TOOLBOX II suffers from a...

PT-2022-6465 · Rittal · Rittal Cmc Pu Iii

Name of the Vulnerable Software and Affected Versions: Rittal CMC III affected versions not specified Description: The issue is related to inadequate access control in the Rittal CMC III central control unit, which can be exploited by an attacker to gain unauthorized access to protected informati...

CVE-2022-20087

In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06477970; Issue ID: ALPS06477970...

CVE-2022-20039

In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06183345; Issue ID: ALPS06183345...

CVE-2022-20039

In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06183345; Issue ID: ALPS06183345...

Rickroll Grad Prank Exposes Exterity IPTV Bug

UPDATE When Township High School District 214 in Illinois got rickrolled all at once across its six different schools just before graduation, it was more than a meticulously executed senior prank. Cybersecurity star-in-the-making and recent high-school graduate Minh Duong found, and was able to...

Microsoft Dynamics Business Central 跨站脚本漏洞

Microsoft Dynamics Business Central is an enterprise resource planning system from Microsoft. The system includes functionality for financial management, project management, and supply chain management. A cross-site scripting vulnerability exists in Microsoft Dynamics Business Central Control. Th...

Trend Micro Password Manager Integer Truncation Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Password Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Tre...

CVE-2021-0347

In ccu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID:...

The vulnerability of the central control server of SiNVR 3 Central Control Server lies in the lack of measures for cleaning incoming data. This allows a intruder to gain unauthorized access to protected information or perform arbitrary actions on the vulnerable device.

The vulnerability of the central control server of SiNVR 3 Central Control Server lies in the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information or perform arbitrary actio...

The vulnerability of the central control server of SiNVR 3 Central Control Server lies in security flaws in the XML-based communication protocol, allowing attackers to perform arbitrary actions on the vulnerable device.

The vulnerability of the central control server of SiNVR 3 Central Control Server is related to security vulnerabilities in the XML-based communication protocol. Exploiting this vulnerability allows a malicious actor to perform arbitrary actions on the vulnerable device remotely...