21 matches found
EUVD-2023-33245
Malicious code in bioql PyPI...
CVE-2023-29707
Cross Site Scripting XSS vulnerability in GBCOM LAC WEB Control Center version lac-1.3.x, allows attackers to create an arbitrary device...
talloires-lac-annecy.com Cross Site Scripting vulnerability OBB-3870352
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-29707
Cross Site Scripting XSS vulnerability in GBCOM LAC WEB Control Center version lac-1.3.x, allows attackers to create an arbitrary device...
CVE-2023-29707
Cross Site Scripting XSS vulnerability in GBCOM LAC WEB Control Center version lac-1.3.x, allows attackers to create an arbitrary device...
Cross site scripting
Cross Site Scripting XSS vulnerability in GBCOM LAC WEB Control Center version lac-1.3.x, allows attackers to create an arbitrary device...
PT-2023-22363 · Gbcom · Gbcom Lac Web Control Center
Name of the Vulnerable Software and Affected Versions: GBCOM LAC WEB Control Center version lac-1.3.x Description: The issue allows attackers to create an arbitrary device through a Cross Site Scripting XSS vulnerability. Recommendations: For GBCOM LAC WEB Control Center version lac-1.3.x, consid...
CVE-2023-29707
Cross Site Scripting XSS vulnerability in GBCOM LAC WEB Control Center version lac-1.3.x, allows attackers to create an arbitrary device...
CVE-2023-29707
Cross Site Scripting XSS vulnerability in GBCOM LAC WEB Control Center version lac-1.3.x, allows attackers to create an arbitrary device...
CVE-2023-29707
CVE-2023-29707 concerns a cross-site scripting (XSS) vulnerability in the GBCOM LAC WEB Control Center, version lac-1.3.x. The available sources in the connected documents indicate that an attacker could leverage this flaw to create an arbitrary device. The CVE entry notes a CVSS v3.1 base score ...
GHSA-V5GW-MW7F-84PX Starlette has Path Traversal vulnerability in StaticFiles
Summary When using StaticFiles, if there's a file or directory that starts with the same name as the StaticFiles directory, that file or directory is also exposed via StaticFiles which is a path traversal vulnerability. Details The root cause of this issue is the usage of os.path.commonprefix:...
lac-parfumeur.ch Cross Site Scripting vulnerability OBB-3110038
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bordeaux-lac-ecole-moto.com Cross Site Scripting vulnerability OBB-3093812
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
lac-mac.com Cross Site Scripting vulnerability OBB-2327049
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign
Why is the campaign called A41APT? In 2019, we observed an APT campaign targeting multiple industries, including the Japanese manufacturing industry and its overseas operations, that was designed to steal information. We named the campaign A41APT not APT41 which is derived from the host name...
SQL Injection Vulnerability in LAC WEB Control Center of Shanghai Huanchuang Communication Technology Co.
GBCOM is a high-tech company focusing on technical research, product development and sales in the field of wireless broadband communication with WiFi technology as its core. A SQL injection vulnerability exists in the LAC WEB Control Center of Shanghai Huanchuang Communication Technology Co., Ltd...
Information Leakage Vulnerability in LAC WEB Control Center of Shanghai Huanchuang Communication Technology Co.
Huntron Communications LAC is a WiFi product. Shanghai Huanchuang Communication Technology Co., Ltd LAC WEB control center has an information leakage vulnerability, attackers can download sensitive files to obtain sensitive information...
Active C2 Discovery Using Protocol Emulation Part1 (HYDSEVEN NetWire)
Malware C2 addresses can be an important IOC to detect known threats. In order to obtain C2 information, we first need malware samples which are then analyzed dynamically or statically. However the analysis task is often times not straightforward. Increasingly anti-analysis methods are implemente...
lac-school.com XSS vulnerability
Open Bug Bounty ID: OBB-653829 Description| Value ---|--- Affected Website:| lac-school.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Android IMSI-Catcher Detector: AIMSICD
AIMSICD is an app to detect IMSI-Catchers . IMSI-Catchers are false mobile towers base stations acting between the target mobile phones and the real towers of service providers. As such they are considered a Man-In-The-Middle MITM attack. In the USA the IMSI-Catcher technology is known under the...