Lucene search
+L

159 matches found

ptsecurity
ptsecurity
added 2023/02/02 12:0 a.m.9 views

PT-2023-1307 · Moxa · Moxa Sds-3008 Series Industrial Ethernet Switch

Name of the Vulnerable Software and Affected Versions: Moxa SDS-3008 Series Industrial Ethernet Switch version 2.1 Description: An information disclosure issue exists in the web application functionality, allowing a specially-crafted HTTP request to disclose sensitive information. An attacker can...

5.3CVSS5.1AI score0.01458EPSS
Exploits1References7
ptsecurity
ptsecurity
added 2023/01/11 12:0 a.m.7 views

PT-2023-1559 · Zyxel · Zyxel Nr7101

Name of the Vulnerable Software and Affected Versions: Zyxel NR7101 firmware versions prior to V1.15ACCC.3C0 Description: The issue exists due to the lack of measures to neutralize special elements used in the operating system command. Exploitation of this issue may allow a remote attacker to...

8.8CVSS8.7AI score0.01084EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2023/01/03 12:0 a.m.6 views

CVE-2022-39039 aEnrich a+HRD - Server-Side Request Forgery (SSRF)

aEnrich’s a+HRD has inadequate filtering for specific URL parameter. An unauthenticated remote attacker can exploit this vulnerability to send arbitrary HTTPs request to launch Server-Side Request Forgery SSRF attack, to perform arbitrary system command or disrupt service...

9.8CVSS7.4AI score0.01022EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2022/12/19 10:0 a.m.9 views

CVE-2022-28703

A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability...

9.1CVSS5.5AI score0.0112EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2022/08/03 12:0 a.m.7 views

PT-2022-3982 · Cisco · Cisco Unified Communications Manager Session Management Edition +1

Name of the Vulnerable Software and Affected Versions: Cisco Unified Communications Manager Unified CM versions affected versions not specified Cisco Unified Communications Manager Session Management Edition Unified CM SME versions affected versions not specified Description: A vulnerability in t...

8.1CVSS7.8AI score0.0109EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2022/05/12 5:1 p.m.5 views

CVE-2022-26510

A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability...

9.9CVSS6.6AI score0.0125EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2022/04/18 4:15 p.m.4 views

CVE-2020-13567

Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability...

8.8CVSS10AI score0.02308EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2022/01/28 12:0 a.m.13 views

PT-2022-12116 · Reolink · Reolink Rlc-410W

Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: A denial of service issue exists in the cgiserver.cgi JSON command parser functionality. This can be triggered by a specially-crafted HTTP request, leading to a reboot. The GetMdAlarm...

8.6CVSS7.8AI score0.01207EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2022/01/28 12:0 a.m.5 views

PT-2022-12057 · Reolink · Reolink Rlc-410W

Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: A denial of service issue exists in the cgiserver.cgi JSON command parser functionality. This can be triggered by a specially-crafted HTTP request, leading to a reboot. The SetNorm para...

8.6CVSS7.9AI score0.01145EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2022/01/28 12:0 a.m.5 views

PT-2022-12114 · Reolink · Reolink Rlc-410W

Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: A denial of service issue exists in the cgiserver.cgi JSON command parser functionality. This can be triggered by a specially-crafted HTTP request, leading to a reboot. The GetAlarm par...

8.6CVSS7.9AI score0.01207EPSS
Exploits1References2
cve
cve
added 2021/12/22 6:7 p.m.58 views

CVE-2021-21922

CVE-2021-21922 affects Advantech R-SeeNet (2.4.15 and prior) via SQL injection in the user_list page, caused by improper neutralization of inputs in several filters (username_filter, name_filter, surname_filter, company_filter). An authenticated user (or via CSRF) can inject SQL through these par...

7.7CVSS6.6AI score0.01144EPSS
Exploits1References1Affected Software1
ptsecurity
ptsecurity
added 2021/11/22 12:0 a.m.6 views

PT-2021-5032 · Advantech · Advantech R-Seenet

Name of the Vulnerable Software and Affected Versions: Advantech R-SeeNet affected versions not specified Description: The issue is related to a lack of protection in the SQL query structure, which can be exploited through a specially-crafted HTTP request, potentially leading to SQL injection. Th...

8.8CVSS7.7AI score0.0138EPSS
Exploits1References4
cnvd
cnvd
added 2021/05/18 12:0 a.m.3 views

IBM Cloud Pak for Security Malicious Data Injection Vulnerability

IBM Cloud Pak for Security is an application from IBM America, Inc. An open security platform that connects to your existing data sources to generate deeper insights and enables you to take automated action faster. A malicious data injection vulnerability exists in IBM Cloud Pak for Security...

4CVSS6.8AI score0.00725EPSS
Exploits0References1
cnvd
cnvd
added 2021/05/12 12:0 a.m.15 views

OpenClinic GA SQL Injection Vulnerability (CNVD-2021-34993)

OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management and other functions. An SQL injection vulnerability exists in the findDistrict parameter of the "Patientslist.do" page in OpenClinic GA...

8.8CVSS7.4AI score0.00806EPSS
Exploits1
cnvd
cnvd
added 2021/04/16 12:0 a.m.6 views

OpenClinic GA SQL Injection Vulnerability (CNVD-2021-29431)

OpenClinic GA is an open source hospital integrated information management system . An SQL injection vulnerability exists in the nomenclature parameter in getAssets.jsp in OpenClinic GA version 5.173.3. An attacker can exploit this vulnerability by sending an HTTP request to perform a SQL injecti...

9.8CVSS7.3AI score0.00866EPSS
Exploits1References1
cnvd
cnvd
added 2021/01/21 12:0 a.m.7 views

Cisco Data Center Network Manager Server-Side Request Forgery Vulnerability

Cisco Data Center Network Manager DCNM is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. A server-side request forgery vulnerability exists in the session authentication...

8.8CVSS7AI score0.01284EPSS
Exploits0References1
cnvd
cnvd
added 2021/01/21 12:0 a.m.8 views

Cisco Smart Software Manager Satellite Open Redirect Vulnerability

Cisco Smart Software Manager Satellite is a Cisco component for Cisco product license management. An open redirection vulnerability exists in the web management interface of Cisco Smart Software Manager Satellite 5.0 and earlier versions. The vulnerability stems from improper validation of the...

5.4CVSS6.6AI score0.00564EPSS
Exploits0References1
cnvd
cnvd
added 2021/01/21 12:0 a.m.8 views

Cisco SD-WAN vManage Authorization Bypass Vulnerability

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco, of which vManage is the console. An authorization bypass vulnerability exists in the web management interface of Cisco SD-WAN vManage, which can be exploited by an attacker by sending a specially crafted HTTP request to...

8.8CVSS6.7AI score0.0196EPSS
Exploits0References1
cnvd
cnvd
added 2021/01/21 12:0 a.m.4 views

Cisco Data Center Network Manager Authorization Bypass Vulnerability (CNVD-2021-09948)

Cisco Data Center Network Manager DCNM is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. An authorization bypass vulnerability exists in the Web management interface of...

6.5CVSS6.6AI score0.00774EPSS
Exploits0References1
cnvd
cnvd
added 2021/01/21 12:0 a.m.5 views

Cisco Data Center Network Manager Authorization Bypass Vulnerability (CNVD-2021-09949)

Cisco Data Center Network Manager DCNM is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. An authorization bypass vulnerability exists in the Web management interface of...

6.5CVSS6.6AI score0.00639EPSS
Exploits0References1
Rows per page
Query Builder