43 matches found
EUVD-2023-34819
Malicious code in bioql PyPI...
EUVD-2021-32594
Malicious code in bioql PyPI...
EUVD-2021-32593
Malicious code in bioql PyPI...
EUVD-2021-32592
Malicious code in bioql PyPI...
EUVD-2024-17441
Malicious code in bioql PyPI...
CVE-2024-1707
A vulnerability, which was classified as problematic, was found in GARO WALLBOX GLB+ T2EV7 0.5. This affects an unknown part of the file /index.jspsettings of the component Software Update Handler. The manipulation of the argument Reference leads to cross site scripting. It is possible to initiat...
CVE-2023-30399
Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack...
CVE-2021-45877
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded credential exist in /etc/tomcat8/tomcat-user.xml, which allows attackers to gain authorized access and control the tomcat completely on port 8000 in the tomcat manger page...
CVE-2021-45878
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of access control on the web manger pages allows any user to view and modify information...
CVE-2024-1707
A vulnerability, which was classified as problematic, was found in GARO WALLBOX GLB+ T2EV7 0.5. This affects an unknown part of the file /index.jspsettings of the component Software Update Handler. The manipulation of the argument Reference leads to cross site scripting. It is possible to initiat...
CVE-2024-1707
A vulnerability, which was classified as problematic, was found in GARO WALLBOX GLB+ T2EV7 0.5. This affects an unknown part of the file /index.jspsettings of the component Software Update Handler. The manipulation of the argument Reference leads to cross site scripting. It is possible to initiat...
Cross site scripting
A vulnerability, which was classified as problematic, was found in GARO WALLBOX GLB+ T2EV7 0.5. This affects an unknown part of the file /index.jspsettings of the component Software Update Handler. The manipulation of the argument Reference leads to cross site scripting. It is possible to initiat...
CVE-2024-1707 GARO WALLBOX GLB+ T2EV7 Software Update index.jsp#settings cross site scripting
A vulnerability, which was classified as problematic, was found in GARO WALLBOX GLB+ T2EV7 0.5. This affects an unknown part of the file /index.jspsettings of the component Software Update Handler. The manipulation of the argument Reference leads to cross site scripting. It is possible to initiat...
CVE-2024-1707 GARO WALLBOX GLB+ T2EV7 Software Update index.jsp#settings cross site scripting
A vulnerability, which was classified as problematic, was found in GARO WALLBOX GLB+ T2EV7 0.5. This affects an unknown part of the file /index.jspsettings of the component Software Update Handler. The manipulation of the argument Reference leads to cross site scripting. It is possible to initiat...
CVE-2024-1707
The CVE-2024-1707 entry describes a cross-site scripting vulnerability in GARO WALLBOX GLB+ T2EV7 v0.5, affecting the Software Update Handler at /index.jsp#settings via manipulation of the Reference argument. It allows remote initiation, and the exploit has been publicly disclosed. Publicly avail...
PT-2024-18240 · Garo · Garo Wallbox Glb+ T2Ev7
Name of the Vulnerable Software and Affected Versions: GARO WALLBOX GLB+ T2EV7 version 0.5 Description: A problematic issue was found in the Software Update Handler component, affecting an unknown part of the file /index.jspsettings. The manipulation of the Reference argument leads to cross-site...
GARO Wallbox GLB/GTB/GTC Cross-Site Scripting Vulnerability
The GARO Wallbox GLB/GTB/GTC is an electric vehicle charger from the Swedish company GARO. A cross-site scripting vulnerability exists in GARO WALLBOX GLB+ T2EV7 version 0.5, which stems from a cross-site scripting vulnerability in the component Software Update Handler...
CVE-2023-30399
Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack...
CVE-2023-30399
Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack...
Code injection
Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack...