27 matches found

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2012-4872

Malware in sbrugna...

CVSS 5, AI score 6.4, EPSS 0.01673
Exploits 0, References 4
NVD
added 2012/11/18 9:55 p.m., 16 views

CVE-2012-4943

Multiple cross-site request forgery (CSRF) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to hijack the authentication of arbitrary users for requests that modify (1) passwords, (2) accounts, or (3) permissions...

CVSS 6.8, AI score 7.4, EPSS 0.00731
Exploits 0, References 3
NVD
added 2012/11/18 9:55 p.m., 12 views

CVE-2012-4946

Agile FleetCommander and FleetCommander Kiosk before 4.08 use an XOR format for password encryption, which makes it easier for context-dependent attackers to obtain sensitive information by reading a key file and the encrypted strings...

CVSS 5, AI score 6.2, EPSS 0.0094
Exploits 0, References 3
NVD
added 2012/11/18 9:55 p.m., 9 views

CVE-2012-4944

Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified page...

CVSS 10, AI score 7.8, EPSS 0.03836
Exploits 0, References 2
NVD
added 2012/11/18 9:55 p.m., 14 views

CVE-2012-4947

Agile FleetCommander and FleetCommander Kiosk before 4.08 store database credentials in cleartext, which allows remote attackers to obtain sensitive information via requests to unspecified pages...

CVSS 5, AI score 6.3, EPSS 0.01673
Exploits 0, References 3
NVD
added 2012/11/18 9:55 p.m., 13 views

CVE-2012-4945

Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection" issue...

CVSS 7.5, AI score 7.7, EPSS 0.01936
Exploits 0, References 2
Prion
added 2012/11/18 9:55 p.m., 20 views

Cross site request forgery (csrf)

Multiple cross-site request forgery (CSRF) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to hijack the authentication of arbitrary users for requests that modify (1) passwords, (2) accounts, or (3) permissions...

CVSS 6.8, AI score 7.9, EPSS 0.00731
Exploits 0, References 3, Affected Software 2
Prion
added 2012/11/18 9:55 p.m., 16 views

Design/Logic Flaw

Agile FleetCommander and FleetCommander Kiosk before 4.08 store database credentials in cleartext, which allows remote attackers to obtain sensitive information via requests to unspecified pages...

CVSS 5, AI score 6.7, EPSS 0.01673
Exploits 0, References 3, Affected Software 2
Prion
added 2012/11/18 9:55 p.m., 17 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to inject arbitrary web script or HTML via an arbitrary text field...

CVSS 4.3, AI score 6.1, EPSS 0.01001
Exploits 0, References 2, Affected Software 2
Prion
added 2012/11/18 9:55 p.m., 14 views

Unrestricted file upload

Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified page...

CVSS 10, AI score 8.4, EPSS 0.03836
Exploits 0, References 2, Affected Software 2
NVD
added 2012/11/18 9:55 p.m., 22 views

CVE-2012-4942

Multiple cross-site scripting (XSS) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to inject arbitrary web script or HTML via an arbitrary text field...

CVSS 4.3, AI score 5.8, EPSS 0.01001
Exploits 0, References 2
Prion
added 2012/11/18 9:55 p.m., 13 views

Format string

Agile FleetCommander and FleetCommander Kiosk before 4.08 use an XOR format for password encryption, which makes it easier for context-dependent attackers to obtain sensitive information by reading a key file and the encrypted strings...

CVSS 5, AI score 6.7, EPSS 0.0094
Exploits 0, References 3, Affected Software 2
Prion
added 2012/11/18 9:55 p.m., 16 views

Command injection

Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection" issue...

CVSS 7.5, AI score 8.2, EPSS 0.01936
Exploits 0, References 2, Affected Software 2
Prion
added 2012/11/18 9:55 p.m., 18 views

Sql injection

Multiple SQL injection vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVSS 7.5, AI score 9.2, EPSS 0.01246
Exploits 0, References 2, Affected Software 2
NVD
added 2012/11/18 9:55 p.m., 17 views

CVE-2012-4941

Multiple SQL injection vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVSS 7.5, AI score 8.5, EPSS 0.01246
Exploits 0, References 2
Cvelist
added 2012/11/18 9:0 p.m., 20 views

CVE-2012-4944

Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified page...

AI score 7.8, EPSS 0.03836
Exploits 0, References 2
CVE
added 2012/11/18 9:0 p.m., 55 views

CVE-2012-4943

The CVE-2012-4943 entry concerns Agile FleetCommander and FleetCommander Kiosk (pre-4.08) with CSRF weaknesses allowing an attacker to hijack a logged-in user’s session to perform actions that change passwords, accounts, or permissions. The core issue is CSRF in the web interface, enabling uninte...

CVSS 6.8, AI score 7.6, EPSS 0.00731
Exploits 0, References 3, Affected Software 2
CVE
added 2012/11/18 9:0 p.m., 55 views

CVE-2012-4946

Agile FleetCommander and FleetCommander Kiosk before 4.08 store passwords with a reversible XOR encryption, enabling an attacker who can read the password key file and encrypted strings to obtain sensitive information. This CVE is documented by NVD and CVE records; CERT notes updates to 4.08/4.08...

CVSS 5, AI score 6.3, EPSS 0.0094
Exploits 0, References 3, Affected Software 2
CVE
added 2012/11/18 9:0 p.m., 48 views

CVE-2012-4945

CVE-2012-4945 affects Agile FleetCommander and FleetCommander Kiosk prior to 4.08. The vulnerability is described as a command injection flaw that could allow a remote attacker to execute arbitrary commands via unspecified vectors. Public sources (NVD/PRION/Cert) corroborate multiple web-facing v...

CVSS 7.5, AI score 7.9, EPSS 0.01936
Exploits 0, References 2, Affected Software 2
CVE
added 2012/11/18 9:0 p.m., 42 views

CVE-2012-4947

CVE-2012-4947 affects Agile FleetCommander and FleetCommander Kiosk prior to 4.08, where database credentials are stored in cleartext. This information disclosure vulnerability allows remote attackers to obtain sensitive data via unspecified pages. The NVD entry confirms a medium severity (CVSS v...

CVSS 5, AI score 6.4, EPSS 0.01673
Exploits 0, References 3, Affected Software 2