27 matches found
EUVD-2022-33876
Malicious code in bioql PyPI...
CVE-2022-29538
RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An unauthenticated user is able to access some critical resources...
CVE-2022-29540
resi-calltrace in RESI Gemini-Net 4.2 is affected by Multiple XSS issues. Unauthenticated remote attackers can inject arbitrary web script or HTML into an HTTP GET parameter that reflects user input without sanitization. This exists on numerous application endpoints,...
CVE-2022-29539
resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software e.g.,...
CVE-2022-29540
resi-calltrace in RESI Gemini-Net 4.2 is affected by Multiple XSS issues. Unauthenticated remote attackers can inject arbitrary web script or HTML into an HTTP GET parameter that reflects user input without sanitization. This exists on numerous application endpoints,...
CVE-2022-29540
resi-calltrace in RESI Gemini-Net 4.2 is affected by Multiple XSS issues. Unauthenticated remote attackers can inject arbitrary web script or HTML into an HTTP GET parameter that reflects user input without sanitization. This exists on numerous application endpoints,...
Cross site scripting
resi-calltrace in RESI Gemini-Net 4.2 is affected by Multiple XSS issues. Unauthenticated remote attackers can inject arbitrary web script or HTML into an HTTP GET parameter that reflects user input without sanitization. This exists on numerous application endpoints,...
RESI Gemini-Net 跨站脚本漏洞
RESI Gemini-Net is a technology from RESI Italy for active and passive monitoring of communication networks and services.A cross-site scripting vulnerability exists in RESI Gemini-Net version 4.2. An attacker could exploit this vulnerability to inject arbitrary Web script or HTML into HTTP GET...
CVE-2022-29540
CVE-2022-29540 refers to a cross-site scripting vulnerability in RESI Gemini-Net 4.2 (resi-calltrace). The issue involves multiple XSS flaws where unauthenticated remote attackers can inject arbitrary script/HTML into reflected HTTP GET parameters without sanitization, affecting numerous endpoint...
CVE-2022-29540
resi-calltrace in RESI Gemini-Net 4.2 is affected by Multiple XSS issues. Unauthenticated remote attackers can inject arbitrary web script or HTML into an HTTP GET parameter that reflects user input without sanitization. This exists on numerous application endpoints,...
CVE-2022-29539
resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software e.g.,...
CVE-2022-29538
RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An unauthenticated user is able to access some critical resources...
CVE-2022-29539
resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software e.g.,...
CVE-2022-29538
RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An unauthenticated user is able to access some critical resources...
CVE-2022-29539
resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software e.g.,...
CVE-2022-29538
RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An unauthenticated user is able to access some critical resources...
Improper access control
RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An unauthenticated user is able to access some critical resources...
Command injection
resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software e.g.,...
CVE-2022-29538
Summary (CVE-2022-29538): RESI Gemini-Net Web 4.2 is affected by an improper access control vulnerability in the authorization logic, allowing an unauthenticated user to access some critical resources. Root cause described as inadequate access checks in the authorization flow. Documents consisten...
CVE-2022-29538
RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An unauthenticated user is able to access some critical resources...