23 matches found
EUVD-2023-44171
Malicious code in bioql PyPI...
EUVD-2023-53929
Malicious code in bioql PyPI...
CVE-2023-4037
Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local attacker to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter...
CVE-2023-4037
Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local attacker to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter...
Sql injection
Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local attacker to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter...
CVE-2023-3512
Relative path traversal vulnerability in Setelsa Security's ConacWin CB, in its 3.8.2.2 version and earlier, the exploitation of which could allow an attacker to perform an arbitrary download of files from the system via the "Download file" parameter...
CVE-2023-3512
Relative path traversal vulnerability in Setelsa Security's ConacWin CB, in its 3.8.2.2 version and earlier, the exploitation of which could allow an attacker to perform an arbitrary download of files from the system via the "Download file" parameter...
Path traversal
Relative path traversal vulnerability in Setelsa Security's ConacWin CB, in its 3.8.2.2 version and earlier, the exploitation of which could allow an attacker to perform an arbitrary download of files from the system via the "Download file" parameter...
CVE-2023-4037
CVE-2023-4037 affects Setelsa Security ConacWin CB 3.7.1.2. A blind SQL injection in the Conacwin web interface allows a local attacker to obtain sensitive data by sending a specially crafted SQL query to the xml parameter. The vulnerability targets the web interface component, with impact to con...
CVE-2023-4037 SQL injection in Setelsa Security ConacWin
Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local attacker to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter...
CVE-2023-4037 SQL injection in Setelsa Security ConacWin
Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local attacker to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter...
CVE-2023-3512 Relative path traversal in Setelsa Security ConacWin CB
Relative path traversal vulnerability in Setelsa Security's ConacWin CB, in its 3.8.2.2 version and earlier, the exploitation of which could allow an attacker to perform an arbitrary download of files from the system via the "Download file" parameter...
CVE-2023-3512 Relative path traversal in Setelsa Security ConacWin CB
Relative path traversal vulnerability in Setelsa Security's ConacWin CB, in its 3.8.2.2 version and earlier, the exploitation of which could allow an attacker to perform an arbitrary download of files from the system via the "Download file" parameter...
CVE-2023-3512
CVE-2023-3512 affects Setelsa Security ConacWin CB,
PT-2023-25151 · Unknown · Conacwin Cb
Name of the Vulnerable Software and Affected Versions: ConacWin CB versions 3.8.2.2 and earlier Description: The issue is a relative path traversal vulnerability that could allow an attacker to perform an arbitrary download of files from the system via the Download file parameter. Recommendations...
Setelsa Security ConacWin CB SQL Injection Vulnerability
Setelsa Security ConacWin CB is an application from Setelsa Security. Setelsa Security ConacWin CB version 3.7.1.2 suffers from a SQL injection vulnerability that originates from a SQL injection vulnerability in the web interface, which can be exploited by a local attacker to obtain sensitive dat...
Setelsa Security ConacWin CB Path Traversal Vulnerability
Setelsa Security ConacWin CB is an application from Setelsa Security. A path traversal vulnerability exists in Setelsa Security ConacWin CB 3.8.2.2 and earlier versions, which can be exploited by an attacker to perform an arbitrary file download from the system via the Download file parameter...
Setelsa Conacwin 3.7.1.2 - Local File Inclusion
Exploit Title: Setelsa Conacwin 3.7.1.2 - Local File Inclusion Date: 02/09/20 Exploit Author: Bryan Rodriguez Martin AKA tr3mb0 Vendor Homepage: http://setelsa-security.es/productos/control-de-acceso/ Version: 3.7.1.2 Tested on: Windows FIX: The recommendation from the vendor is to update to the...
CVE-2020-25068
Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability. This vulnerability allows a remote unauthenticated attacker to read internal files on the server via an http:IP:PORT/../../path/filetodisclose Directory Traversal URI. NOTE: The manufacturer indicated that the affect...
CVE-2020-25068
Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability. This vulnerability allows a remote unauthenticated attacker to read internal files on the server via an http:IP:PORT/../../path/filetodisclose Directory Traversal URI. NOTE: The manufacturer indicated that the affect...