Lucene search
K

4 matches found

NVD
NVD
added 2012/12/23 9:55 p.m.27 views

CVE-2012-6427

The Carlo Gavazzi EOS-Box does not check the validity of the data before executing queries. By accessing the SQL table of certain pages that do not require authentication, attackers can leak information from the device. This could allow the attacker to compromise confidentiality...

7.8CVSS8.6AI score0.01209EPSS
Exploits0References2
Prion
Prion
added 2012/12/23 9:55 p.m.18 views

Sql injection

Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with firmware before 1.0.0.10802.1.10 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a similar issue to CVE-2012-5861...

7.5CVSS9AI score0.04078EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2012/11/23 11:0 a.m.51 views

CVE-2012-5861

CVE-2012-5861 affects Sinapsi Sinapsi eSolar family devices (Light, DUO, eSolar) with firmware prior to 2.0.2870_xxx_2.2.12. The issue is SQL injection caused by unvalidated data in web-facing components, allowing remote attackers to access SQL tables and leak confidential information. The relate...

7.8CVSS7AI score0.04078EPSS
Exploits1References7Affected Software4
ICS
ICS
added 2012/08/24 6:0 a.m.51 views

Sinapsi Devices Vulnerabilities

Overview This advisory is a follow-up to the alert titled ICS-ALERT-12-284-01—Sinapsi eSolar Light Vulnerabilities that was published October 10, 2012. Independent researchers Roberto Paleari and Ivan Speziale identified four vulnerabilities and released proof-of-concept exploit code for the...

10CVSS7.8AI score0.11946EPSS
Exploits2References10
Rows per page
Query Builder