103 matches found
CVE-2025-8703
A vulnerability classified as critical was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This vulnerability affects unknown code of the file /WEASHomePage/GetAreaTrendChartData of the component Environmental Real-Time Data Module. The manipulation of the argument energy...
CVE-2025-8703 Wanzhou WOES Intelligent Optimization Energy Saving System Environmental Real-Time Data Module GetAreaTrendChartData sql injection
A vulnerability classified as critical was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This vulnerability affects unknown code of the file /WEASHomePage/GetAreaTrendChartData of the component Environmental Real-Time Data Module. The manipulation of the argument energy...
CVE-2025-8703 Wanzhou WOES Intelligent Optimization Energy Saving System Environmental Real-Time Data Module GetAreaTrendChartData sql injection
A vulnerability classified as critical was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This vulnerability affects unknown code of the file /WEASHomePage/GetAreaTrendChartData of the component Environmental Real-Time Data Module. The manipulation of the argument energy...
CVE-2020-25154
An open redirect vulnerability in the administrative interface of the B. Braun Melsungen AG SpaceCom device Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to redirect users to malicious websites...
CVE-2020-25160
Improper access controls in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enables attackers to extract and tamper with the devices network configuration...
CVE-2020-25168
Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enable attackers with command line access to access the device’s Wi-Fi module...
CVE-2012-1654
Multiple cross-site scripting XSS vulnerabilities in the Data module 6.x-1.x before 6.x-1.0 and 7.x-1.x before 7.x-1.0-alpha3 for Drupal allow remote authenticated users with the administer data tables permission to inject arbitrary web script or HTML via the title parameter in 1 data.views.inc a...
Moodle Information Disclosure Vulnerability (CNVD-2025-09237)
Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an information disclosure vulnerability that stems from the edit and delete pages of the moddata module...
The vulnerability of the mod_data module in the virtual training environment Moodle, which allows a intruder to gain unauthorized access to protected information
The vulnerability of the moddata module in the virtual training environment Moodle is related to the disclosure of information through query strings. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
Cross-Site Request Forgery (CSRF)
moodle/moodle is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to information leakage through URLs due to confidential CSRF protection data being exposed on edit and delete pages within the moddata module, allows an attacker to potentially perform Cross-Site Request...
UBUNTU-CVE-2025-3637
A security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery CSRF attacks was shared publicly through the site's URL. This vulnerability occurred specifically on two types of pages within the moddata module: edit and delete pages...
Moodle 安全漏洞
Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from an information disclosure vulnerability that stems from the edit and delete pages of the moddata module...
CVE-2020-25158
A reflected cross-site scripting XSS vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attackers to inject arbitrary web script or HTML into various locations...
CVE-2020-25150
A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with service user privileges to upload arbitrary files. By uploading a specially crafted tar file an attacker can execute...
CVE-2020-25162
A XPath injection vulnerability in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows unauthenticated remote attackers to access sensitive information and escalate privileges...
DiCal-RED 4009 Cryptography Failure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-038 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Use of Password Hash Instead of Password for Authentication CWE-836 Risk Level: Medium Solution...
DiCal-RED 4009 Weak Hashing
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2024-037 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Versions: Unknown Tested Versions: 4009 Vulnerability Type: Use of Password Hash With Insufficient Computational Effort CWE-916 Risk Level: Medium Solution...
The vulnerability of the Upload Data module in the Splunk Web interface of the Splunk Enterprise operational analytics platform allows a hacker to write arbitrary files.
The vulnerability of the Upload Data module in the Splunk Web interface of the Splunk Enterprise operating analysis platform is related to the unlimited uploading of dangerous types of files. Exploiting this vulnerability allows a malicious actor to upload any type of file...
Malicious code in mytardis-data-module (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2686 Malicious code in mytardis-data-module (npm)
--- -= Per source details. Do not edit below this line.=-...