69 matches found
FNT Command 安全漏洞
FNT Command is a data center infrastructure management platform from FNT Germany. A security vulnerability exists in FNT Command version 13.4.0, which stems from a code execution vulnerability in the C Base Module...
CVE-2025-66237
DCIM dcTrack platforms utilize default and hard-coded credentials for access. An attacker could use these credentials to administer the database, escalate privileges on the platform or execute system commands on the host...
CVE-2025-66237 Sunbird DCIM dcTrack and Power IQ Use of Hard-coded Credentials
DCIM dcTrack platforms utilize default and hard-coded credentials for access. An attacker could use these credentials to administer the database, escalate privileges on the platform or execute system commands on the host...
Sunbird DCIM dcTrack 安全漏洞
Sunbird DCIM dcTrack is an asset monitoring management software from Sunbird DCIM. A security vulnerability exists in Sunbird DCIM dcTrack that stems from remote access feature abuse and could result in network traffic redirection...
EUVD-2024-25110
Malicious code in bioql PyPI...
EUVD-2024-25111
Malicious code in bioql PyPI...
ROS-20250911-12
Vulnerabilities in GLPI's asset management and data center management software are related to improper privilege management. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges...
ATEN eco DC 安全漏洞
ATEN eco DC is a data center infrastructure management software from China's ATEN Automation ATEN. A security vulnerability exists in ATEN eco DC, which stems from a missing authorization and could lead to elevated privileges...
ROS-20250827-07
A vulnerability in GLPI's asset management and data center management software is related to improper neutralization of HTML tags associated with scripts on a web page. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code GLPI asset and data center...
CVE-2024-27914
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI administrator in order to exploit a reflected XSS vulnerability. The XSS will only trigger if...
CVE-2023-37570
This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system...
CVE-2024-37774
A Cross-Site Request Forgery CSRF in Sunbird DCIM dcTrack v9.1.2 allows authenticated attackers to escalate their privileges by forcing an Administrator user to perform sensitive requests in some admin screens...
Sunbird DCIM dcTrack 安全漏洞
Sunbird DCIM dcTrack is an asset monitoring management software from Sunbird DCIM. A security vulnerability exists in Sunbird DCIM dcTrack version v9.1.2, which stems from the presence of faulty access control that allows an attacker to create or update a location ticket with a bypassed RBAC chec...
Sunbird DCIM dcTrack 安全漏洞
Sunbird DCIM dcTrack is an asset monitoring and management software from Sunbird DCIM. A security vulnerability exists in Sunbird DCIM dcTrack version v9.1.2, which stems from the presence of an HTML injection vulnerability that allows an attacker authenticated as an administrator to inject...
NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37595)
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...
NetBox 安全漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...
NetBox 安全漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...
ROS-20240328-01
GLPI's asset management and data center management software vulnerability is related to the SQL code injection through administration of dashboards. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries...
CVE-2024-27104
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. A user with rights to create and share dashboards can build a dashboard containing javascript code. Any user that will open this dashboard will be subject t...
CVE-2024-27098
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object Instantiation. This issue has been patched in version 10.0.13...