19 matches found
EUVD-2020-13179
Malware in sbrugna...
UK Shuts Down ‘Russian Coms’ Fraud Platform Defrauding Millions
The UKs National Crime Agency has dismantled Russian Coms, a major fraud platform responsible for global financial losses.…...
CVE-2024-38285 Insufficiently Protected Credentials in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
Logs storing credentials are insufficiently protected and can be decoded through the use of open source tools...
CVE-2024-38284 Authentication Bypass by Capture-replay in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to replicate calls...
CVE-2024-38284 Authentication Bypass by Capture-replay in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to replicate calls...
CVE-2024-38283 Missing Encryption of Sensitive Data in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
Sensitive customer information is stored in the device without encryption...
CVE-2024-38281 Use of Hard-coded Credentials in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
An attacker can access the maintenance console using hard coded credentials for a hidden wireless network on the device...
CVE-2024-38280 Cleartext Storage in a File or on Disk in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text...
CVE-2024-38280 Cleartext Storage in a File or on Disk in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text...
CVE-2024-38279 Authentication Bypass Using an Alternate Path or Channel in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)
The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes...
Motorola Solutions Vigilant Fixed LPR Coms Box Security Vulnerability
Motorola Solutions Vigilant Fixed LPR Coms Box is a license plate recognition system from Motorola Solutions USA. A security vulnerability exists in the Motorola Solutions Vigilant Fixed LPR Coms Box, which arises from data being stored in clear text, which could allow an unauthorized user to...
CVE-2020-20392
SQL Injection vulnerability in imcat v5.2 via the fmauser parameters in coms/addcoms.php...
Sql injection
SQL Injection vulnerability in imcat v5.2 via the fmauser parameters in coms/addcoms.php...
CVE-2020-20392
CVE-2020-20392 affects the imcat web app (v5.2). The vulnerability is a SQL injection via the fm[auser] parameter in coms/add_coms.php. Public sources describe the issue and its high/critical impact (CVSS v3.1: 9.8; v2: 7.5), but the connected documents do not provide concrete fixes, affected bui...
Imcat SQL注入漏洞
imcat intimate cat is a lightweight, free, shared general-purpose PHP web application. A SQL injection vulnerability exists in imcat version 5.2. An attacker can exploit this vulnerability by using the fmauser parameter in coms/addcoms.php to perform a SQL injection attack...
COMS 'dynamic.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32459/info COMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
COms - dynamic.php Cross-Site Scripting
COms - dynamic.php Cross-Site Scripting source: https://www.securityfocus.com/bid/32459/info COMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of a...
COms - 'dynamic.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/32459/info COMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...
coms-xss.txt
--------------------------------------------------------- Portal Name: COMS Contents & Object Management System Vendor : http://Coms.ir Vulnerable File : dynamic.php Dork: Copyright C 2005-2007 by COMS Author : PouyaServer , [email protected] Vulnerability : XSS Cross site scripting...