78 matches found
EUVD-2019-16118
Malware in sbrugna...
EUVD-2019-16124
Malware in sbrugna...
EUVD-2019-16120
Malware in sbrugna...
EUVD-2019-16122
Malware in sbrugna...
EUVD-2019-16077
Malware in sbrugna...
EUVD-2019-16083
Malware in sbrugna...
EUVD-2019-16081
Malware in sbrugna...
EUVD-2019-16116
Malware in sbrugna...
EUVD-2019-16079
Malware in sbrugna...
Moxa IKS, EDS Cross-Site Request Forgery (CVE-2019-6561)
Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the execution of unauthorized actions on the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Moxa IKS, EDS Predictable From Observable State (CVE-2019-6563)
Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture the administrator's password, which could lead to a full compromise of the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Moxa IKS, EDS Uncontrolled Resource Consumption (CVE-2019-6559)
Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to crash. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable,...
Moxa IKS, EDS Plaintext Storage of a Password (CVE-2019-6518)
Moxa IKS and EDS store plaintext passwords, which may allow sensitive information to be read by someone with access to the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Moxa IKS, EDS Improper Access Control (CVE-2019-6520)
Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuration changes. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
Moxa IKS, EDS Missing Encryption of Sensitive Data (CVE-2019-6526)
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
Moxa IKS, EDS Improper Neutralization of Input During Web Page Generation (CVE-2019-6565)
Moxa IKS and EDS fails to properly validate user input, giving unauthenticated and authenticated attackers the ability to perform XSS attacks, which may be used to send a malicious script. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Moxa IKS, EDS Improper Restriction of Excessive Authentication Attempts (CVE-2019-6524)
Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force attack. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Moxa IKS, EDS Out-of-Bounds Read (CVE-2019-6522)
Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot. This plugin only works with Tenable.ot. Please visit...
WordPress Iks Menu – WordPress Category Accordion Menu Plugin < 1.11.2 is vulnerable to Cross Site Scripting (XSS)
Software Iks Menu – WordPress Category Accordion Menu Type Plugin Vulnerable versions 1.11.2 Fixed in 1.11.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 241c584c7b9d Credits Raf...
WordPress Iks Menu – WordPress Category Accordion Menu plugin <= 1.9.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Iks Menu – WordPress Category Accordion Menu plugin versions = 1.9.1. Solution Update the WordPress Iks Menu – WordPress Category Accordion Menu plugin to the latest available version at least 1.9.2...