5 matches found
PT-2023-14904 · Sguda · Sguda U-Lock
Name of the Vulnerable Software and Affected Versions: SGUDA U-Lock central lock control service affected versions not specified Description: The issue is related to incorrect authorization in the lock management function of the SGUDA U-Lock central lock control service. A remote attacker with...
CVE-2023-25017
RIFARTEK IOT Wall has a vulnerability of incorrect authorization. An authenticated remote attacker with general user privilege is allowed to perform specific privileged function to access and modify all sensitive data...
CVE-2022-41676
Raiden MAILD Mail Server website mail field has insufficient filtering for user input. A remote attacker with general user privilege can send email using the website with malicious JavaScript in the input field, which triggers XSS Reflected Cross-Site Scripting attack to the mail recipient...
PT-2022-24679 · U-Office · U-Office
Name of the Vulnerable Software and Affected Versions: U-Office affected versions not specified Description: The U-Office Force Download function contains a path traversal issue. This allows a remote attacker with general user privileges to exploit the issue and download arbitrary system files...
CVE-2022-32958
A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group that exceeds message size limit, to terminate other recipients’ Teamplus Pro chat process...