Lucene search
K

54 matches found

Talos Blog
Talos Blog
added 2024/11/21 7:2 p.m.17 views

Bidirectional communication via polyrhythms and shuffles: Without Jon the beat must go on

Welcome to this week's edition of the Threat Source newsletter. Bidirectional communication is foundational to a well-built team regardless of environment. It's critical in information security to be able to drive a conversation up the ladder and down and not lose the critical elements. One of th...

8.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/12/04 8:44 a.m.3 views

junior-broker.com Improper Access Control vulnerability OBB-3802232

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2023/10/09 12:0 a.m.233 views

eClass Junior 4.0 SQL Injection

==================================================================================================================================== | Title : eClass Junior 4.0 Sql injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | |...

7.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/09/27 4:58 p.m.19 views

elearning.pioneergirlsjunioracademy.co.ke Cross Site Scripting vulnerability OBB-3711647

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/08/30 9:13 a.m.15 views

junior-shop.com Cross Site Scripting vulnerability OBB-3626543

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/05/12 1:32 p.m.15 views

belvederejuniorschool.co.uk Cross Site Scripting vulnerability OBB-3326327

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/01/31 7:14 a.m.11 views

junior-shop.com Cross Site Scripting vulnerability OBB-3172538

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/08/09 3:28 p.m.10 views

juniorchefs.com.au Cross Site Scripting vulnerability OBB-2833171

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
NVD
NVD
added 2021/02/01 9:15 p.m.20 views

CVE-2019-20473

An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for an attacker to use...

6.8CVSS6.5AI score0.00394EPSS
Exploits0References3
NVD
NVD
added 2021/02/01 9:15 p.m.24 views

CVE-2019-20471

An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. When using the device at initial setup, a default password is used 123456 for administrative purposes. There is no prompt to change this password. Note that this password can be used in combination with CVE-2019-2047...

7.8CVSS7.5AI score0.00352EPSS
Exploits0References3
Prion
Prion
added 2021/02/01 9:15 p.m.21 views

Default credentials

An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It performs actions based on certain SMS commands. This can be used to set up a voice communication channel from the watch to any telephone number, initiated by sending a specific SMS and using the default password,...

5CVSS7.5AI score0.01932EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/02/01 8:18 p.m.15 views

CVE-2019-20468

An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It has unnecessary permissions such as READEXTERNALSTORAGE, WRITEEXTERNALSTORAGE, and READCONTACTS...

7AI score0.02295EPSS
Exploits0References3
CVE
CVE
added 2021/02/01 8:18 p.m.50 views

CVE-2019-20468

The CVE-2019-20468 entry applies to SeTracker2 for TK-Star Q90 Junior GPS watch, version 3.1042.9.8656. Affected component/behavior: the software requests unnecessary permissions (READ_EXTERNAL_STORAGE, WRITE_EXTERNAL_STORAGE, READ_CONTACTS), enabling access to local data and contacts. Root cause...

9.8CVSS9.4AI score0.02295EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2021/02/01 8:13 p.m.9 views

CVE-2019-20473

An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for an attacker to use...

6.8AI score0.00394EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/02/01 8:13 p.m.29 views

CVE-2019-20473

An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for an attacker to use...

6.6AI score0.00394EPSS
Exploits0References3
CVE
CVE
added 2021/02/01 8:13 p.m.39 views

CVE-2019-20473

The CVE concerns TK-Star Q90 Junior GPS horloge (version 3.1042.9.8656). It describes a PIN configuration issue: any SIM card attached to the device cannot have a PIN; if a PIN is configured, the device shows “Remove PIN and restart!” and becomes unusable. This makes it easier for an attacker to ...

6.8CVSS6.5AI score0.00394EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2021/02/01 8:10 p.m.19 views

CVE-2019-20471

An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. When using the device at initial setup, a default password is used 123456 for administrative purposes. There is no prompt to change this password. Note that this password can be used in combination with CVE-2019-2047...

6.9AI score0.00352EPSS
Exploits0References3
CVE
CVE
added 2021/02/01 8:3 p.m.45 views

CVE-2019-20470

The TK-Star Q90 Junior GPS watch (firmware 3.1042.9.8656) is affected by CVE-2019-20470 and CVE-2019-20471. A default administrative password (123456) is used at initial setup and there is no prompt to change it. An SMS with the proper password, e.g., pw,,call,, can trigger the watch to initiate ...

7.5CVSS7.5AI score0.01932EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2021/02/01 12:0 a.m.9 views

PT-2021-9033 · Tk Star · Setracker2

Name of the Vulnerable Software and Affected Versions: SeTracker2 for TK-Star Q90 Junior GPS horloge version 3.1042.9.8656 Description: An issue was discovered in the software, where it has unnecessary permissions such as READ EXTERNAL STORAGE, WRITE EXTERNAL STORAGE, and READ CONTACTS...

9.8CVSS7.2AI score0.02295EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/02/01 12:0 a.m.8 views

TK-Star Q90 Junior GPS horloge security vulnerability

TK-Star Q90 Junior GPS horloge is a Gps location tracker from TK-Star, China. A security vulnerability exists in the TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices, which can be exploited by an attacker to more easily use a SIM card by stealing the device...

6.8CVSS6.7AI score0.00394EPSS
Exploits0References3
Rows per page
Query Builder