159 matches found
CVE-2024-11306
A vulnerability, which was classified as critical, has been found in Altenergy Power Control Software up to 20241108. This issue affects some unknown processing of the file /index.php/display/database/. The manipulation leads to improper authorization. The attack may be initiated remotely. The...
The vulnerability of TP-Link Tapo H200 smart home control software, related to the storage of information in an open manner, allows a intruder to obtain Wi-Fi credentials.
The vulnerability of TP-Link Tapo H200 smart home control software relates to the storage of information in an open manner. Exploiting this vulnerability could allow a intruder to obtain Wi-Fi credentials...
The vulnerability of the SmartCard Authentication component in the SolarWinds DameWare Mini Remote Control software allows a intruder to execute arbitrary codes.
The vulnerability of the SmartCard Authentication component in the SolarWinds DameWare Mini Remote Control software lies in the lack of a proper mechanism for verifying the source of the credential. Exploiting this vulnerability could allow an attacker to execute arbitrary commands by sending a...
The vulnerability of TeamViewer’s software for remote control of computers allows attackers to increase their privileges.
The vulnerability of TeamViewer’s remote control software relates to the improper elimination of arguments in a command sequence. Exploiting this vulnerability can allow an attacker to enhance their privileges by introducing specially crafted arguments...
CVE-2024-55957
In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instrument Control Software ICSW before 3.1 SP10, the driver packages have a local privilege escalation vulnerability due to improper access control permissions on Windows systems...
Thermo Fisher Scientific Xcalibur 安全漏洞
Thermo Fisher Scientific Xcalibur is a data acquisition and interpretation software from Thermo Fisher Scientific USA. A security vulnerability exists in Thermo Fisher Scientific Xcalibur versions prior to 4.7 SP1 and Thermo Foundation Instrument Control Software ICSW versions prior to 3.1 SP10,...
CVE-2025-22800
Missing Authorization vulnerability in Post SMTP Post SMTP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Post SMTP: from n/a through 2.9.11...
PaperCut NG 安全漏洞
PaperCut NG is a printer control software from PaperCut, Inc. A security vulnerability exists in PaperCut NG that stems from the exposure of a dangerous function with a remote code execution vulnerability that could allow a remote attacker to execute arbitrary code on an affected installation...
CVE-2024-11306
A vulnerability, which was classified as critical, has been found in Altenergy Power Control Software up to 20241108. This issue affects some unknown processing of the file /index.php/display/database/. The manipulation leads to improper authorization. The attack may be initiated remotely. The...
CVE-2024-11306 Altenergy Power Control Software database improper authorization
A vulnerability, which was classified as critical, has been found in Altenergy Power Control Software up to 20241108. This issue affects some unknown processing of the file /index.php/display/database/. The manipulation leads to improper authorization. The attack may be initiated remotely. The...
CVE-2024-11306
The CVE-2024-11306 entry concerns Altenergy Power Control Software up to 20241108 where an improper authorization vulnerability exists in the /index.php/display/database/ endpoint. A remote attacker could exploit this to gain unauthorized processing access; the exploit has been disclosed publicly...
CVE-2024-11305
A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...
CVE-2024-11305 Altenergy Power Control Software status_zigbee get_status_zigbee sql injection
A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...
CVE-2024-11305
Altenergy Power Control Software contains a SQL injection in the get_status_zigbee function (file /index.php/display/status_zigbee) index parameter date. The vulnerability affects versions up to 20241108 and can be exploited remotely. The nuclei template specifies that authenticated attackers cou...
Altenergy Power System Control Software 注入漏洞
Altenergy Power System Control Software is microinverter control software from Altenergy Power System. An injection vulnerability exists in Altenergy Power Control Software 20241108 and prior versions that stems from an improper authorization issue in the file /index.php/display/database/...
Altenergy Power System Control Software 注入漏洞
Altenergy Power System Control Software is microinverter control software from Altenergy Power System. An injection vulnerability exists in Altenergy Power System Control Software version 20241108 and prior versions, which stems from an SQL injection in parameter date...
PT-2024-16897 · Altenergy · Altenergy Power Control
Name of the Vulnerable Software and Affected Versions: Altenergy Power Control Software versions up to 20241108 Description: A critical vulnerability has been found in the Altenergy Power Control Software, affecting the get status zigbee function of the file /index.php/display/status zigbee. The...
CVE-2022-25768
The logic in place to facilitate the update process via the user interface lacks access control to verify if permission exists to perform the tasks. Prior to this patch being applied it might be possible for an attacker to access the Mautic version number or to execute parts of the upgrade proces...
Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate
The Singapore Police Force SPF has announced the arrest of five Chinese nationals and one Singaporean man for their alleged involvement in illicit cyber activities in the country. The development comes after a group of about 160 law enforcement officials conducted a series of raids on September 9...
The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform lies in the lack of protective measures for the SQL query structure, allowing attackers to execute arbitrary SQL code.
The vulnerability of the software for network monitoring and control of IT infrastructure on the SolarWinds Platform is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...