
122 matches found

Positive Technologies
added 2025/04/17 12:00 a.m. · 8 views

PT-2025-16941

Name of the Vulnerable Software and Affected Versions: Continuous Compliance affected versions not specified Description: A valid, authenticated user with sufficient privileges can leverage the application's built-in Connector functionality to access Continuous Compliance's internal database,...

CVSS 9 · AI score 6.3 · EPSS 0.0027
Exploits: 0 · References: 10

CNNVD
added 2025/04/17 12:00 a.m. · 3 views

Delphix Masking Engine security vulnerability

Delphix Masking Engine is a data masking engine from Delphix, Inc. A security vulnerability exists in Delphix Masking Engine that stems from insufficient access control for the built-in Connector feature, which could lead to an internal database disclosure...

CVSS 9 · AI score 6.5 · EPSS 0.0027
Exploits: 0 · References: 1

BDU FSTEC
added 2025/01/30 12:00 a.m. · 6 views

The vulnerability of the software for managing traffic in hybrid and multi-cloud environments, such as VMware Avi Load Balancer, stems from insufficient measures taken to protect the SQL query structure. This allows attackers to gain access to the internal database.

The vulnerability of the software for managing traffic in hybrid and multi-cloud environments of VMware Avi Load Balancer is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow a malicious actor to gain access to the internal database...

CVSS 8.6 · AI score 8.1 · EPSS 0.00633
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2024/11/08 12:00 a.m. · 3 views

The vulnerability of the application software interface of the Cisco Nexus Dashboard Fabric Controller (NDFC) allows an attacker to access the internal database.

The vulnerability of the application software interface of the Cisco Nexus Dashboard Fabric Controller (NDFC) relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow a malicious actor to gain access to the internal database by sending...

CVSS 9 · AI score 5.7 · EPSS 0.00772
Exploits: 0 · References: 2 · Affected Software: 1

OSV
added 2024/11/05 4:15 p.m. · 2 views

CVE-2023-29118

Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/versions.php...

CVSS 8.8 · AI score 6 · EPSS 0.00326
Exploits: 0 · References: 1

NVD
added 2024/11/05 4:15 p.m. · 15 views

CVE-2023-29119

Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/dbstore.php...

CVSS 9.6 · EPSS 0.00326
Exploits: 0 · References: 1

NVD
added 2024/11/05 4:15 p.m. · 20 views

CVE-2023-29118

Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/versions.php...

CVSS 9.6 · EPSS 0.00326
Exploits: 0 · References: 1

CVE
added 2024/11/05 3:20 p.m. · 41 views

CVE-2023-29119

CVE-2023-29119 affects the Waybox Enel X web management application. The reported vulnerability allows arbitrary requests on the internal database via the web path /admin/dbstore.php, as described in multiple sources (NVD entry, Red Hat advisory, CVE list). Potential impact includes confidentiality, inte...

CVSS 9.6 · AI score 9.4 · EPSS 0.00326
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2024/11/05 3:20 p.m. · 33 views

CVE-2023-29119 Unauthorized SQLite Injection

Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/dbstore.php...

CVSS 9.6 · EPSS 0.00326
Exploits: 0 · References: 1

CVE
added 2024/11/05 3:18 p.m. · 53 views

CVE-2023-29118

CVE-2023-29118 affects the Waybox Enel X web management application. The vulnerability allows an attacker to cause arbitrary requests to the internal database via the endpoint /admin/versions.php. The provided documents describe the impact as arbitrary database actions, but do not detail the root...

CVSS 9.6 · AI score 9.4 · EPSS 0.00326
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2024/11/05 3:18 p.m. · 15 views

CVE-2023-29118 Unauthorized SQLite Injection in Enel X Juicebox

Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/versions.php...

CVSS 9.6 · EPSS 0.00326
Exploits: 0 · References: 1

Vulnrichment
added 2024/11/05 3:18 p.m. · 20 views

CVE-2023-29118 Unauthorized SQLite Injection in Enel X Juicebox

Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/versions.php...

CVSS 9.6 · AI score 7.5 · EPSS 0.00326
Exploits: 0 · References: 1

Positive Technologies
added 2024/11/05 12:00 a.m. · 4 views

PT-2024-12199 · Enel X · Waybox Enel X

Name of the Vulnerable Software and Affected Versions: Waybox Enel X web management application affected versions not specified Description: The Waybox Enel X web management application has an issue that allows execution of arbitrary requests on the internal database via the /admin/dbstore.php AP...

CVSS 9.6 · AI score 6.9 · EPSS 0.00326
Exploits: 0 · References: 9

CNNVD
added 2024/11/05 12:00 a.m. · 5 views

Enel X Waybox security vulnerability

The Enel X Waybox is a home charging station from Enel X, Inc. A security vulnerability exists in version 3.0 of the Enel X Waybox that stems from a web management application that can execute arbitrary requests on an internal database via /admin/versions.php...

CVSS 9.6 · AI score 7.2 · EPSS 0.00326
Exploits: 0 · References: 1

Positive Technologies
added 2024/11/05 12:00 a.m. · 4 views

PT-2024-12198 · Enel X · Waybox Enel X

Name of the Vulnerable Software and Affected Versions: Waybox Enel X affected versions not specified Description: The Waybox Enel X web management application has a flaw that allows execution of arbitrary requests on the internal database via the /admin/versions.php endpoint. This issue affects...

CVSS 9.6 · AI score 6.8 · EPSS 0.00326
Exploits: 0 · References: 11

CNNVD
added 2024/11/05 12:00 a.m. · 6 views

Enel X Waybox security vulnerability

The Enel X Waybox is a home charging station from Enel X, Inc. A security vulnerability exists in version 3.0 of the Enel X Waybox, which originates from a web management application that can execute arbitrary requests on an internal database via /admin/dbstore.php...

CVSS 9.6 · AI score 7.2 · EPSS 0.00326
Exploits: 0 · References: 1

Veracode
added 2024/06/25 5:05 a.m. · 11 views

Path Traversal

CodeChecker is vulnerable to path traversal. The vulnerability is due to improper sanitization of ZIP files at the CodeCheckerService@massStoreRun endpoint. An attacker can exploit this by inserting arbitrary files into the internal database, which can then be displayed through the Web interface...

CVSS 6.5 · AI score 6.7 · EPSS 0.0073
Exploits: 1 · References: 3 · Affected Software: 1

NVD
added 2024/04/12 3:15 p.m. · 14 views

CVE-2024-30381

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Juniper Networks Paragon Active Assurance Control Center allows a network-adjacent attacker with root access to a Test Agent Appliance the ability to access sensitive information about downstream devices. The...

CVSS 8.4 · AI score 8.2 · EPSS 0.00457
Exploits: 0 · References: 2

Vulnrichment
added 2024/04/12 2:56 p.m. · 12 views

CVE-2024-30381 Paragon Active Assurance: probe_serviced exposes internal objects to local users

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Juniper Networks Paragon Active Assurance Control Center allows a network-adjacent attacker with root access to a Test Agent Appliance the ability to access sensitive information about downstream devices. The...

CVSS 8.4 · AI score 6.5 · EPSS 0.00457
Exploits: 0 · References: 2

Positive Technologies
added 2024/04/10 12:00 a.m. · 5 views

PT-2024-2871 · Juniper Networks · Paragon Active Assurance Control Center

Name of the Vulnerable Software and Affected Versions: Juniper Networks Paragon Active Assurance Control Center versions 4.1.0 through 4.2.0 Description: The issue allows a network-adjacent attacker with root access to a Test Agent Appliance to access sensitive information about downstream device...

CVSS 8.4 · AI score 6.6 · EPSS 0.00457
Exploits: 0 · References: 8