1071 matches found
harmoniedailleurs.fr Cross Site Scripting vulnerability OBB-2856209
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress plugin Essential Blocks for Gutenberg 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
The vulnerability of the SSH key import function in multifunctional measuring devices SICAM GridEdge Essential ARM (6MD7881-2AA30), SICAM GridEdge Essential Intel (6MD7881-2AA40), SICAM GridEdge Essential Intel (6MD7881-2AA40), and SICAM GridEdge Essential with GDS Intel (6MD7881-2AA20) allows a hacker to execute arbitrary code.
The vulnerability of the SSH key import function in SICAM GridEdge Essential ARM 6MD7881-2AA30, SICAM GridEdge Essential Intel 6MD7881-2AA40, SICAM GridEdge Essential Intel 6MD7881-2AA40, and SICAM GridEdge Essential with GDS Intel 6MD7881-2AA20 devices relates to the disclosure of information in...
an-electrorecycling.de Cross Site Scripting vulnerability OBB-2688304
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
What is the Essential Eight (And Why Non-Aussies Should Care)
In 2017, The Australian Cyber Security Center ACSC published a set of mitigation strategies that were designed to help organizations to protect themselves against cyber security incidents. These strategies, which became known as the Essential Eight, are designed specifically for use on Windows...
CVE-2022-30229
A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected application does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to change data of a user, such as credentials, in case that user's id is known...
CVE-2022-30230
A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected application does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to create a new user with administrative permissions...
CVE-2022-30228
A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected software does not apply cross-origin resource sharing CORS restrictions for critical operations. In case an attacker tricks a legitimate user into accessing a special resource a malicious request could...
Design/Logic Flaw
A vulnerability has been identified in SICAM GridEdge Essential ARM All versions V2.6.6, SICAM GridEdge Essential Intel All versions V2.6.6, SICAM GridEdge Essential with GDS ARM All versions V2.6.6, SICAM GridEdge Essential with GDS Intel All versions V2.6.6. The affected software does not requi...
CVE-2022-30231
CVE-2022-30231 affects Siemens SICAM GridEdge Essential products (ARM/Intel variants, with/without GDS) and SICAM GridEdge Classic in affected ranges, where prior to v2.6.6 a resource-leak exposes password hashes of other users upon request. The vulnerability enables an authenticated user to retr...
CVE-2022-30230
CVE-2022-30230 affects Siemens SICAM GridEdge components (Essential ARM/Intel, with/without GDS) prior to version 2.6.6. The vulnerability arises from missing authentication for privileged functions, allowing an unauthenticated attacker to create a new user with administrative permissions. The is...
CVE-2022-30229
A vulnerability has been identified in SICAM GridEdge Classic All versions V2.6.6. The affected application does not require authenticated access for privileged functions. This could allow an unauthenticated attacker to change data of a user, such as credentials, in case that user's id is known...
CVE-2022-30228
CVE-2022-30228 affects Siemens SICAM GridEdge Classic (all versions
PT-2022-20026
Name of the Vulnerable Software and Affected Versions SICAM GridEdge Essential ARM versions prior to V2.6.6 SICAM GridEdge Essential Intel versions prior to V2.6.6 SICAM GridEdge Essential with GDS ARM versions prior to V2.6.6 SICAM GridEdge Essential with GDS Intel versions prior to V2.6.6...
Siemens SICAM GridEdge Essential 授权问题漏洞
SICAM GridEdge enables IoT functionality in your existing IEC 61850 devices with just a few clicks.Siemens SICAM GridEdge is vulnerable to an authentication error, which stems from the fact that the affected software does not require authenticated access to privileged functions and can be exploit...
Siemens SICAM GridEdge Essential 访问控制错误漏洞
SICAM GridEdge enables IoT functionality in your existing IEC61850 devices with just a few clicks.A source authentication error vulnerability in Siemens SICAM GridEdge is caused by the fact that the affected software does not apply cross-domain resource sharing CORS restrictions to critical...
WordPress Essential Addons for Elementor Plugin < 5.0.9 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpdeveloper:essentialaddonsforelementor"; ifdescription...
CVE-2022-0683
The Essential Addons for Elementor Lite WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the settings parameter found in the /includes/Traits/Helper.php file which allows attackers to inject arbitrary web scripts onto a pages that executes...
CVE-2022-0683
CVE-2022-0683 affects the WordPress plugin WordPress Essential Addons for Elementor Lite. The vulnerability is a Cross-Site Scripting (XSS) due to insufficient escaping and sanitization of the settings parameter found in includes/Traits/Helper.php, exploitable when a user clicks a crafted link. A...
CVE-2022-0683 Essential Addons for Elementor Lite <= 5.0.8 Reflected Cross-Site Scripting
The Essential Addons for Elementor Lite WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the settings parameter found in the /includes/Traits/Helper.php file which allows attackers to inject arbitrary web scripts onto a pages that executes...