Lucene search
K

95 matches found

NVD
NVD
added 2019/05/23 7:29 p.m.24 views

CVE-2019-10852

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=startpulling&id= substring...

8.8CVSS7.4AI score0.01751EPSS
Exploits1References3
NVD
NVD
added 2019/05/23 7:29 p.m.20 views

CVE-2019-10853

Computrols CBAS 18.0.0 allows Authentication Bypass...

8.3CVSS6.8AI score0.0166EPSS
Exploits4References2
Prion
Prion
added 2019/05/23 7:29 p.m.11 views

Default credentials

Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate the MD5 hash of pwadmin and store it in a MySQL database...

5CVSS7.8AI score0.00998EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/05/23 7:29 p.m.32 views

CVE-2019-10851

Computrols CBAS 18.0.0 has hard-coded encryption keys...

6.5CVSS6.4AI score0.00666EPSS
Exploits0References2
OSV
OSV
added 2019/05/23 7:29 p.m.5 views

CVE-2019-10852

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=startpulling&id= substring...

8.8CVSS7.4AI score0.01751EPSS
Exploits1References3
Prion
Prion
added 2019/05/23 7:29 p.m.11 views

Command injection

Computrols CBAS 18.0.0 allows Authenticated Command Injection...

9CVSS8.8AI score0.02991EPSS
Exploits4References2Affected Software1
Prion
Prion
added 2019/05/23 7:29 p.m.13 views

Authentication flaw

Computrols CBAS 18.0.0 allows Authentication Bypass...

8.3CVSS8.5AI score0.0166EPSS
Exploits4References2Affected Software1
OSV
OSV
added 2019/05/23 7:29 p.m.4 views

CVE-2019-10853

Computrols CBAS 18.0.0 allows Authentication Bypass...

8.1CVSS7.3AI score0.0166EPSS
Exploits4References2
OSV
OSV
added 2019/05/23 7:29 p.m.4 views

CVE-2019-10851

Computrols CBAS 18.0.0 has hard-coded encryption keys...

6.5CVSS6.8AI score0.00666EPSS
Exploits0References2
NVD
NVD
added 2019/05/23 7:29 p.m.24 views

CVE-2019-10854

Computrols CBAS 18.0.0 allows Authenticated Command Injection...

9CVSS7AI score0.02991EPSS
Exploits4References2
Prion
Prion
added 2019/05/23 7:29 p.m.13 views

Hardcoded credentials

Computrols CBAS 18.0.0 has hard-coded encryption keys...

4CVSS7AI score0.00666EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/05/23 7:29 p.m.3 views

CVE-2019-10854

Computrols CBAS 18.0.0 allows Authenticated Command Injection...

8.8CVSS7.3AI score0.02991EPSS
Exploits4References2
Cvelist
Cvelist
added 2019/05/23 7:14 p.m.32 views

CVE-2019-10846

Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter...

6.4AI score0.04662EPSS
Exploits4References3
CVE
CVE
added 2019/05/23 7:14 p.m.82 views

CVE-2019-10846

CVE-2019-10846 affects Computrols CBAS Web (versions prior to fixed 19.0.1/18.0.1 etc.). It describes an Unauthenticated Reflected Cross-Site Scripting vulnerability in the login and password-reset pages via the username GET parameter. Impact per sources is client-side script execution in a user’...

6.1CVSS6.3AI score0.04662EPSS
Exploits4References3Affected Software1
Cvelist
Cvelist
added 2019/05/23 7:5 p.m.38 views

CVE-2019-10849

Computrols CBAS 18.0.0 allows unprotected Subversion SVN directory / source code disclosure...

7.5AI score0.09012EPSS
Exploits4References3
CVE
CVE
added 2019/05/23 7:5 p.m.119 views

CVE-2019-10849

CBAS Web (Computrols CBAS) 19.0.0 is affected by an information-disclosure vulnerability due to an unprotected Subversion/SVN directory that can disclose the firmware source code. The Red Hat advisory and exploit reports confirm the issue affects CBAS Web and maps to CVE-2019-10849, with an impac...

7.5CVSS7.4AI score0.09012EPSS
Exploits4References3Affected Software1
CVE
CVE
added 2019/05/23 7:3 p.m.54 views

CVE-2019-10850

CVE-2019-10850 involves Computrols CBAS 18.0.0 with default credentials. The trusted-identity issue allows unauthenticated access (PR:N, UI:N) over network, yielding high confidentiality, integrity, and availability impact per NVD metrics (CVSS v3: 9.8). Reports in CNVD describe a building-automa...

10CVSS9.4AI score0.01949EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/05/23 7:3 p.m.23 views

CVE-2019-10850

Computrols CBAS 18.0.0 has Default Credentials...

9.5AI score0.01949EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/05/23 6:58 p.m.37 views

CVE-2019-10851

Computrols CBAS 18.0.0 has hard-coded encryption keys...

6.5AI score0.00666EPSS
Exploits0References2
CVE
CVE
added 2019/05/23 6:58 p.m.51 views

CVE-2019-10851

CVE-2019-10851 affects Computrols CBAS Web; vulnerability stems from hard-coded encryption keys used to decrypt database backups in CBAS Web scripts. An authenticated attacker could access the device’s full database and discover sensitive information. Mitigations referenced in multiple advisories...

6.5CVSS6.5AI score0.00666EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder