Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2025/04/16 6:16 p.m.0 views

CVE-2025-32866

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'GetLogs' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and write t...

8.7CVSS5.8AI score0.00054EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/04/16 12:0 a.m.1 views

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the GetLogs method, which can be exploited by an attacker to bypass authorization contro...

8.8CVSS8.4AI score0.00054EPSS
Exploits0References2
OSV
OSVadded 2021/08/23 5:15 a.m.0 views

CVE-2021-39244

Authenticated Semi-Blind Command Injection via Parameter Injection exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via the getlogs.cgi tcpdump feature. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX3020 1.8.3.0, Nexto...

8.8CVSS5.8AI score0.05074EPSS
Exploits3References2
CNNVD
CNNVDadded 2021/08/23 12:0 a.m.3 views

多款Altus Sistemas de Automacao设备信任管理问题漏洞

Altus Sistemas de Automacao Nexto NX30xx, among others, is an industrial automation device from Brazilian company Altus Sistemas de Automacao. A security vulnerability exists in several Altus Sistemas de Automacao devices, which stems from the presence of hard-coded .htaccess credentials for...

7.5CVSS7.3AI score0.00355EPSS
Exploits3References2
OSV
OSVadded 2020/02/11 6:15 p.m.1 views

CVE-2020-8429

The Admin web application in Kinetica 7.0.9.2.20191118151947 does not properly sanitise the input for the function getLogs. This lack of sanitisation could be exploited to allow an authenticated attacker to run remote code on the underlying operating system. The logFile parameter in the getLogs...

8.8CVSS6AI score
Exploits0References2
OSV
OSVadded 2018/11/26 8:29 p.m.1 views

CVE-2018-11077

'getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1 and 2.2 is affected by an OS command injection vulnerability. A malicious Avamar admin user may potentially...

6.7CVSS6AI score
Exploits0References4
NVD
NVDadded 2018/01/12 1:29 a.m.9 views

CVE-2018-5347

Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled...

10CVSS9.9AI score0.47022EPSS
Exploits4References2
Cvelist
Cvelistadded 2018/01/12 1:0 a.m.10 views

CVE-2018-5347

Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled...

9.9AI score0.47022EPSS
Exploits4References2
Rows per page
Query Builder