19 matches found
EUVD-2022-37054
Malicious code in bioql PyPI...
EUVD-2022-37055
Malicious code in bioql PyPI...
CVE-2022-34022
SQL injection vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via a crafted POST request to /ResiotQueryDBActive...
CVE-2022-34021
Multiple Cross Site Scripting XSS vulnerabilities in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via the form fields...
Open redirect
lorawan-stack is an open source LoRaWAN network server. Prior to version 3.24.1, an open redirect exists on the login page of the lorawan stack server, allowing an attacker to supply a user-controlled redirect upon sign in. This issue may allow malicious actors to phish users, as users assume th...
CVE-2022-34022
SQL injection vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via a crafted POST request to /ResiotQueryDBActive...
CVE-2022-34021
Multiple Cross Site Scripting XSS vulnerabilities in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via the form fields...
CVE-2022-34022
SQL injection vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via a crafted POST request to /ResiotQueryDBActive...
Cross site scripting
Multiple Cross Site Scripting XSS vulnerabilities in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via the form fields...
CVE-2022-34020
Cross Site Request Forgery CSRF vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...
Cross site request forgery (csrf)
Cross Site Request Forgery CSRF vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...
PT-2022-21972 · Unknown · Resiot Iot Platform +1
Name of the Vulnerable Software and Affected Versions: ResIOT IOT Platform + LoRaWAN Network Server versions through 4.1.1000114 Description: The issue concerns multiple Cross Site Scripting XSS vulnerabilities. These vulnerabilities can be exploited via the form fields. Recommendations: For...
CVE-2022-34022
SQL injection vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via a crafted POST request to /ResiotQueryDBActive...
CVE-2022-34020
The CVE-2022-34020 entry concerns ResIOT IOT Platform + LoRaWAN Network Server (up to version 4.1.1000114). A Cross Site Request Forgery (CSRF) vulnerability could allow an attacker to add new admin users, with other unspecified impacts mentioned across sources. Reported impact severity is high (...
CVE-2022-34022
SQL injection vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via a crafted POST request to /ResiotQueryDBActive...
CVE-2022-34021
Multiple Cross Site Scripting XSS vulnerabilities in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via the form fields...
CVE-2022-34021
CVE-2022-34021 affects ResIOT IOT Platform + LoRaWAN Network Server up to version 4.1.1000114, with multiple XSS vulnerabilities exploitable via form fields. Reported severity CVSS v3.1 base score 5.4 (Medium). Remediation guidance in PT-Security PR notes a fix-containing version, but no specific...
CVE-2022-34020
Cross Site Request Forgery CSRF vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts...
CVE-2022-34022
CVE-2022-34022 is a SQL injection in the ResIOT IOT Platform + LoRaWAN Network Server up to version 4.1.1000114, exploitable via a crafted POST to /ResiotQueryDBActive. The vulnerability affects the API handling input to that endpoint, leading to potential unauthorized data access or modification...