EUVD-2022-34057

Malicious code in bioql PyPI...

CVE-2022-29731

An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes of other users...

CVE-2022-29734

A cross-site scripting XSS vulnerability in ICT Protege GX/WX v2.08 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter...

CVE-2022-29731

An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes of other users...

CVE-2022-29731

CVE-2022-29731 affects ICT Protege GX/WX version 2.08. The issue is an improper access control that allows an authenticated operator to disclose SHA-1 password hashes of other users (client-side hashes). The vulnerability has been documented in ZSL-2022-5700 with a PoC and vendor notifications; p...

CVE-2022-29731

An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes of other users...

ICT Protege GX/WX 2.08 - Stored Cross-Site Scripting Vulnerability

Exploit Title: ICT Protege GX/WX 2.08 - Stored Cross-Site Scripting XSS Exploit Author: LiquidWorm Vendor: Integrated Control Technology Ltd. Product web page: https://www.ict.co Affected version: GX: Ver: 2.08.1002 K1B3 Lib: 04.00.217 Int: 2.3.235.J013 OS: 2.0.20 WX: Ver: 4.00 284 H062 App:...

ICT Protege GX/WX 2.08 Client-Side SHA1 Password Hash Disclosure

Summary Protege GX is an enterprise level integrated access control, intrusion detection and building automation solution with a feature set that is easy to operate, simple to integrate and effortless to extend. Protege WX is an all-in-one, web-based, cross-platform system that gives you a fully...