18 matches found
EUVD-2021-14861
Malware in sbrugna...
1E Platform Security Vulnerability
1E Platform is a terminal endpoint management and automation solution from 1E. A security vulnerability exists in versions prior to 1E Platform v18.1 that stems from a command that fails to properly validate input parameters, allowing specially crafted inputs to execute arbitrary code with system...
CVE-2021-28173
The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. Remote attackers can upload and execute arbitrary files without login...
CVE-2021-28172
There is a Path Traversal vulnerability in the file download function of Vangene deltaFlow E-platform. Remote attackers can access credential data with this leakage...
CVE-2021-28171
The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie...
CVE-2021-28171
The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie...
CVE-2021-28172
There is a Path Traversal vulnerability in the file download function of Vangene deltaFlow E-platform. Remote attackers can access credential data with this leakage...
Design/Logic Flaw
The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie...
Path traversal
There is a Path Traversal vulnerability in the file download function of Vangene deltaFlow E-platform. Remote attackers can access credential data with this leakage...
CVE-2021-28173
CVE-2021-28173 affects Vangene deltaFlow E-platform. The vulnerability is an unauthorized file upload due to improper access control, enabling remote attackers to upload and execute arbitrary files without authentication. Supported by multiple connected sources (NVD entry and regional disclosures...
CVE-2021-28173 Vangene deltaFlow E-platform - Arbitrary File Upload
The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. Remote attackers can upload and execute arbitrary files without login...
CVE-2021-28172
CVE-2021-28172 describes a path traversal vulnerability in the file download function of Vangene deltaFlow E-platform. The underlying issue allows remote attackers to access credential data through the download mechanism. The entry cites a network-accessible vector with low attack complexity and ...
CVE-2021-28171
The CVE-2021-28171 entry concerns the Vangene deltaFlow E-platform. The vulnerability stems from improper protective measures that allow remote attackers to obtain privileged permissions by tampering with users’ cookie data. Affected component: cookie-based session/authorization data handling in ...
CVE-2021-28171 Vangene deltaFlow E-platform - Broken Authentication
The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain privileged permissions remotely by tampering with users’ data in the Cookie...
CVE-2021-28172 Vangene deltaFlow E-platform - Path Traversal
There is a Path Traversal vulnerability in the file download function of Vangene deltaFlow E-platform. Remote attackers can access credential data with this leakage...
Vangene deltaFlow E-platform 代码问题漏洞
The Vangene deltaFlow E-platform is an application system from Vangene, China. Standard forms can be set up quickly in less than five minutes. A code issue exists in Vangene deltaFlow E-platform, which is caused by the upload function not being properly access controlled. A remote attacker can...
UNESCO E-platform domain got hacked by Fatal Error Crew
UNESCO E-platform domain got hacked by Fatal Error Crew The E-Platform domain of one of the Biggest Organisation United Nations Educational, Scientific and Cultural Organization UNESCO got hacked and defaced by Fatal Error Crew hackers . Mirror of hack is available here...
UNESCO E-platform domain got hacked by Fatal Error Crew
UNESCO E-platform domain got hacked by Fatal Error Crew The E-Platform domain of one of the Biggest Organisation United Nations Educational, Scientific and Cultural Organization UNESCO got hacked and defaced by Fatal Error Crew hackers . Mirror of hack is available here...