22 matches found
EUVD-2023-43507
Malicious code in bioql PyPI...
EUVD-2023-43508
Malicious code in bioql PyPI...
EUVD-2023-43509
Malicious code in bioql PyPI...
CVE-2023-39807
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a SQL injection vulnerability via the apasswd parameter at /portal/user-register.php...
CVE-2023-39809
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a command injection vulnerability via the systemhostname parameter at /manage/network-basic.php...
CVE-2023-39808
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...
CVE-2023-39808
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...
CVE-2023-39809
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a command injection vulnerability via the systemhostname parameter at /manage/network-basic.php...
CVE-2023-39807
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a SQL injection vulnerability via the apasswd parameter at /portal/user-register.php...
Sql injection
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a SQL injection vulnerability via the apasswd parameter at /portal/user-register.php...
Hardcoded credentials
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...
CVE-2023-39807
CVE-2023-39807 affects N.V.K. INTER CO., LTD. iBSG v3.5. The vulnerability is a SQL injection via the a_passwd parameter in the /portal/user-register.php endpoint, enabling potential unauthorized data access or manipulation. The CVSS v3.1 metrics indicate a high-severity, network-exposed issue wi...
CVE-2023-39807
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a SQL injection vulnerability via the apasswd parameter at /portal/user-register.php...
PT-2023-27114 · N.V.K.Inter Co. · Ibsg
Name of the Vulnerable Software and Affected Versions: N.V.K.INTER CO., LTD. NVK iBSG version 3.5 Description: A SQL injection issue was found via the a passwd parameter at the "/portal/user-register.php" API endpoint. This allows for potential exploitation of the system. Recommendations: For...
CVE-2023-39808
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...
CVE-2023-39809
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a command injection vulnerability via the systemhostname parameter at /manage/network-basic.php...
CVE-2023-39809
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a command injection vulnerability via the systemhostname parameter at /manage/network-basic.php...
PT-2023-27115 · N.V.K.Inter Co. · Ibsg
Name of the Vulnerable Software and Affected Versions: N.V.K.INTER CO., LTD. NVK iBSG version 3.5 Description: The issue is related to a hardcoded root password in the software, which allows attackers to login with root privileges via the SSH service. Recommendations: For version 3.5, consider...
CVE-2023-39808
CVE-2023-39808 affects N.V.K. INTER iBSG v3.5. The vulnerability stems from a hardcoded root password, enabling an attacker to log in with root privileges over SSH. Public sources corroborate the issue and assign a high severity (CVSSv3.1: 9.8; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). No exploitatio...
CVE-2023-39808
N.V.K.INTER CO., LTD. NVK iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service...