12 matches found
EUVD-2017-16882
Malware in sbrugna...
EUVD-2020-19243
Malware in sbrugna...
CVE-2020-26701
Cross-site scripting XSS vulnerability in Dashboards section in Kaa IoT Platform v1.2.0 allows remote attackers to inject malicious web scripts or HTML Injection payloads via the Description parameter...
CVE-2020-26701
Cross-site scripting XSS vulnerability in Dashboards section in Kaa IoT Platform v1.2.0 allows remote attackers to inject malicious web scripts or HTML Injection payloads via the Description parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in Dashboards section in Kaa IoT Platform v1.2.0 allows remote attackers to inject malicious web scripts or HTML Injection payloads via the Description parameter...
CVE-2020-26701
Cross-site scripting XSS vulnerability in Dashboards section in Kaa IoT Platform v1.2.0 allows remote attackers to inject malicious web scripts or HTML Injection payloads via the Description parameter...
CVE-2020-26701
CVE-2020-26701 is an XSS in the Dashboards module of Kaa IoT Platform v1.2.0. The vulnerability arises from injecting scripts/HTML via the Description field, exploitable through the Dashboard editing flow in the Solutions/Dashboards area. A PoC is documented in public material (e.g., PacketStorm)...
Kaa IoT Platform 1.2.0 Cross Site Scripting
Exploit Title: Kaa IoT Platform 1.2.0 Cross Site Scripting XSS Vulnerability Date: 2020-10-01 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.kaaproject.org/ Software Link: https://cloud.kaaiot.com/ Version: 1.2.0 Tested on: Kali Linux 2020.3 CVE: CVE-2020-26701 Proof Of Concept:...
CVE-2017-7911
A Code Injection issue was discovered in CyberVision Kaa IoT Platform, Version 0.7.4. An insufficient-encapsulation vulnerability has been identified, which may allow remote code execution...
CVE-2017-7911
The CVE-2017-7911 issue affects CyberVision Kaa IoT Platform v0.7.4 (and possibly other versions). It is described as an insufficient encapsulation (CWE-485) vulnerability that enables remote code execution via code injection in the affected middleware. Public descriptions consistently attribute ...
CVE-2017-7911
A Code Injection issue was discovered in CyberVision Kaa IoT Platform, Version 0.7.4. An insufficient-encapsulation vulnerability has been identified, which may allow remote code execution...
CyberVision Kaa IoT Platform
CVSS v3 6.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: CyberVision Equipment: Kaa IoT Platform Vulnerability: Code Injection AFFECTED PRODUCTS The following version of Kaa IoT Platform, a middleware platform, is affected: Kaa IoT Platform, Version 0.7.4, and possibly othe...