114 matches found
CVE-2024-5624 Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL
Reflected Cross-Site Scripting XSS in Shift Logbook application of B&R APROL = R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session...
CVE-2024-5624 Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL
Reflected Cross-Site Scripting XSS in Shift Logbook application of B&R APROL = R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session...
PT-2024-36772 · B&R · B&R Aprol
Name of the Vulnerable Software and Affected Versions: B&R APROL versions = R 4.4-00P3 Description: A Reflected Cross-Site Scripting XSS issue in the Shift Logbook application may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session...
B&R Industrial Automation APROL 跨站脚本漏洞
B&R Industrial Automation APROL is a production process management system from B&R Industrial Automation, Austria. A cross-site scripting vulnerability exists in B&R Industrial Automation APROL R version 4.4-00P3 and prior versions, which stems from a cross-site scripting vulnerability contained ...
VulnCheck KEV: CVE-2018-10737
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/logbook.php txtSearch parameter...
Denial Of Service (DoS)
elog:stretch is vulnerable to denial of service This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
Insecure Access Control
elog does not properly restrict access. A remote attacker is able to post data as any username in the logbook...
Quiver - Tool To Manage All Of Your Tools For Bug Bounty Hunting And Penetration Testing
Quiver is the tool to manage all of your tools. It's an opinionated and curated collection of commands, notes and scripts for bug bounty hunting and penetration testing. Features ZSH / Oh-My-ZSH shell plugin Tab auto-completion Global variables Prefills the command line, doesn't hide commands fro...
ELOG Electronic Logbook Code Issue Vulnerability
ELOG is a web application written in C for creating personal and general purpose logs. A code issue vulnerability exists in the handling of HTTP parameters in ELOG Electronic Logbook version 3.1.4-283534d, which can be exploited by remote attackers to cause a denial of service via a specially...
CVE-2020-8859
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request...
CVE-2020-8859
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request...
Null pointer dereference
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request...
CVE-2020-8859
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request...
UBUNTU-CVE-2020-8859
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request...
CVE-2020-8859
Removed by vendor...
CVE-2020-8859
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook 3.1.4-283534d. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request...
CVE-2020-8859
CVE-2020-8859 affects ELOG Electronic Logbook 3.1.4-283534d. The flaw is in HTTP parameter processing, where a crafted request can trigger a dereference of a null pointer, allowing remote attackers to cause a denial-of-service. Exploitation is unauthenticated and over the network, with the impact...
ELOG Electronic Logbook drop-count Null Pointer Dereference Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of ELOG Electronic Logbook. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HTTP parameters. A crafted request can trigger t...
CVE-2019-20375
A cross-site scripting XSS vulnerability in Electronic Logbook ELOG 3.1.4 allows remote attackers to inject arbitrary web script or HTML via the value parameter in a localization loc command to elogd.c...
CVE-2019-20376
A cross-site scripting XSS vulnerability in Electronic Logbook ELOG 3.1.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG document to elogd.c...