Lucene search
K

31 matches found

NVD
NVD
added 2026/06/13 6:16 p.m.15 views

CVE-2026-12183

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability CWE-287 in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 administrator in response to any HTTP POST request that supplie...

9.8CVSS0.00548EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/13 5:36 p.m.8 views

CVE-2026-12183

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability CWE-287 in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 administrator in response to any HTTP POST request that supplie...

9.8CVSS5.6AI score0.00548EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/13 5:36 p.m.13 views

EUVD-2026-36653

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability CWE-287 in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 administrator in response to any HTTP POST request that supplie...

9.8CVSS5.7AI score0.00548EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/11 1:19 p.m.4 views

CVE-2026-3843

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 on Linux contains a SQL Injection vulnerability CWE-89 in the system configuration module. A remote attacker can send specially crafted HTTP POST requests to the /php/request.php endpoint via the sql parameter in...

9.8CVSS6.4AI score0.00763EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/10 6:31 p.m.5 views

EUVD-2026-10492

SQL Injection CWE-89 in the system configuration module in Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 on Linux allows remote attackers to execute arbitrary SQL commands and potentially achieve remote code execution via specially crafted SQL requests...

9.8CVSS6.6AI score0.00763EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/10 6:31 p.m.3 views

EUVD-2026-10493

SQL Injection CWE-89 in the system configuration module in Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 on Linux allows remote attackers to execute arbitrary SQL commands and potentially achieve remote code execution via specially crafted SQL requests...

9.8CVSS6.6AI score0.00763EPSS
Exploits0References3
NVD
NVD
added 2026/03/10 6:19 p.m.5 views

CVE-2026-3843

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 on Linux contains a SQL Injection vulnerability CWE-89 in the system configuration module. A remote attacker can send specially crafted HTTP POST requests to the /php/request.php endpoint via the sql parameter in...

9.8CVSS0.00763EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/10 11:7 a.m.2 views

CVE-2026-3843

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 on Linux contains a SQL Injection vulnerability CWE-89 in the system configuration module. A remote attacker can send specially crafted HTTP POST requests to the /php/request.php endpoint via the sql parameter in...

9.8CVSS6.4AI score0.00763EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/10 11:7 a.m.4 views

CVE-2026-3843 SQL Injection in Nefteprodukttekhnika BUK TS-G Allows Remote Code Execution

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 on Linux contains a SQL Injection vulnerability CWE-89 in the system configuration module. A remote attacker can send specially crafted HTTP POST requests to the /php/request.php endpoint via the sql parameter in...

9.8CVSS6.4AI score0.00763EPSS
Exploits0References2
CVE
CVE
added 2026/03/10 11:7 a.m.11 views

CVE-2026-3843

CVE-2026-3843 affects Nefteprodukttekhnika BUK TS-G Gas Station Automation System (Linux) version 2.9.1. The flaw is a SQL Injection in the system configuration module, exploitable via HTTP POST to /php/request.php with the sql parameter (example: action=do&sql=&reload_driver=0), potentially enab...

9.8CVSS6.4AI score0.00763EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/10 11:7 a.m.28 views

CVE-2026-3843 SQL Injection in Nefteprodukttekhnika BUK TS-G Allows Remote Code Execution

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 on Linux contains a SQL Injection vulnerability CWE-89 in the system configuration module. A remote attacker can send specially crafted HTTP POST requests to the /php/request.php endpoint via the sql parameter in...

9.8CVSS0.00763EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.4 views

PT-2026-24203

Name of the Vulnerable Software and Affected Versions Nefteprodukttekhnika BUK TS-G Gas Station Automation System version 2.9.1 Description The system contains a SQL Injection issue in the system configuration module. An attacker can send crafted HTTP POST requests to the /php/request.php endpoin...

9.8CVSS6.5AI score0.00763EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.6 views

Nefte Produkt Tekhnika BUK TS-G Gas Station Automation System 安全漏洞

Nefte Produkt Tekhnika BUK TS-G Gas Station Automation System is an automation system for gas station operations developed by the Russian company Nefte Produkt Tekhnika. Version 2.9.1 of the Nefte Produkt Tekhnika BUK TS-G Gas Station Automation System contains a security vulnerability. This...

9.8CVSS6.2AI score0.00763EPSS
Exploits0References3
0day.today
0day.today
added 2022/11/04 12:0 a.m.472 views

Automated Tank Gauge (ATG) Remote Configuration Disclosure Exploit

In 2015, HD Moore, the creator of Metasploit, published an article disclosing over 5,800 gas station Automated Tank Gauges ATGs which were publicly accessible. Besides monitoring for leakage, these systems are also instrumental in gauging fluid levels, tank temperature, and can alert operators wh...

7.5AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2021/10/30 1:0 p.m.16 views

The SolarWinds Hackers Are Looking for Their Next Big Score

Plus: Gas station hacks in Iran, ransomware arrests in Europe, and more of the week's top security news...

7AI score
Exploits0
HackRead
HackRead
added 2021/10/27 4:1 p.m.22 views

Iranian Gas Stations Crippled After Suffering Cyberattack

By Deeba Ahmed Soon after the cyberattack, videos and posts started surfacing on social media displaying messages that read: "Khamenei! Where is our gas?" Another sign read: "Free gas in Jamaran gas station." This is a post from HackRead.com Read the original post: Iranian Gas Stations Crippled...

2.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/08/11 4:8 p.m.89 views

If a QR code leads you to a Bitcoin ATM at a gas station, it’s a scam

Rogue QR code antics have been back in the news recently. They’re not exactly a mainstay of fakery, but they do tend to enjoy small waves of popularity as events shaped by the real world remind everyone they still exist. The most notable example where this is concerned is of course the pandemic...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/07/07 1:25 p.m.50 views

Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites

Researchers have identified a credit-card skimming campaign that’s been active since mid-April that has a rather specific and unusual target: ASP.NET-based websites running on Microsoft Internet Information Services IIS servers. New research from Malwarebytes Labs recently uncovered the campaign,...

0.1AI score
Exploits0References8
The Hacker News
The Hacker News
added 2019/08/16 7:49 a.m.1 views

Bluetana App Quickly Detects Hidden Bluetooth Card Skimmers at Gas Pumps

In recent years, gas stations have become one of the favorite targets for thieves who are stealing customers' credit and debit card information by installing a Bluetooth-enabled payment card skimmers at gas stations across the nation. The media has also reported several recent crimes surrounding...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2019/08/16 7:49 a.m.79 views

Bluetana App Quickly Detects Hidden Bluetooth Card Skimmers at Gas Pumps

In recent years, gas stations have become one of the favorite targets for thieves who are stealing customers' credit and debit card information by installing a Bluetooth-enabled payment card skimmers at gas stations across the nation. The media has also reported several recent crimes surrounding...

7AI score
Exploits0
Rows per page
Query Builder