26 matches found
EUVD-2023-12417
Malicious code in bioql PyPI...
The vulnerability of the MODULYS GP (MOD3GP-SY-120K) web-based management application allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the MODULYS GP MOD3GP-SY-120K web-based management application relates to the insecure storage of confidential information. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the MODULYS GP (MOD3GP-SY-120K) module-based power supply management web application allows a attacker to perform arbitrary actions.
The vulnerability of the MODULYS GP MOD3GP-SY-120K web-based management application relates to its dependence on cookie files without any checks for their validity and integrity. Exploiting this vulnerability could allow an attacker to perform arbitrary actions remotely...
The vulnerability of the MODULYS GP (MOD3GP-SY-120K) module-based power supply management web application allows a attacker to execute arbitrary code.
The vulnerability of the MODULYS GP MOD3GP-SY-120K module-based power supply management web application is related to incorrect code generation. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
The vulnerability in the MODULYS GP (MOD3GP-SY-120K) module-based failover management web application allows attackers to execute attacks using cross-site scripting (XSS).
The vulnerability of the MODULYS GP MOD3GP-SY-120K web-based management application exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out attacks using cross-site scripting XSS...
The vulnerability in the MODULYS GP (MOD3GP-SY-120K) module-based failover management web application allows attackers to execute attacks using cross-site scripting (XSS).
The vulnerability of the MODULYS GP MOD3GP-SY-120K web-based management application exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out attacks using cross-site scripting XSS...
The vulnerability of the MODULYS GP (MOD3GP-SY-120K) module-based power supply management web application allows a attacker to perform arbitrary actions.
The vulnerability of the MODULYS GP MOD3GP-SY-120K web-based management application relates to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to perform arbitrary actions remotely...
Socomec MODULYS GP Security Vulnerability
The Socomec MODULYS GP is a green power device from Socomec France. A security vulnerability exists in the Socomec MODULYS GP that stems from incorrect session management in a web application, which could allow an attacker to steal a session cookie in order to perform a variety of actions allowed...
Socomec MODULYS GP Security Vulnerability
The Socomec MODULYS GP is a green power device from Socomec France. A security vulnerability exists in the Socomec MODULYS GP that stems from incorrect session management in a web application that allows remote access to credentials...
Socomec MODULYS GP Security Vulnerability
The Socomec MODULYS GP is a green power device from Socomec France. A security vulnerability exists in the Socomec MODULYS GP that stems from a lack of security in the authentication process, where information can be obtained by sending a number of requests in the web application of a vulnerable...
Socomec MODULYS GP Cross-Site Scripting Vulnerability
Socomec MODULYS GP is a green power supply device from Socomec France. The Socomec MODULYS GP suffers from a cross-site scripting vulnerability that can be exploited by anyone to inject cross-site scripts...
Socomec MODULYS GP Cross-Site Request Forgery Vulnerability
Socomec MODULYS GP is a green power device from Socomec, France. The Socomec MODULYS GP suffers from a cross-site request forgery vulnerability that stems from a weakness in a web application at the user administration level, which could allow an attacker to obtain the information required to...
Socomec MODULYS GP Code Injection Vulnerability
Socomec MODULYS GP is a green power supply device from Socomec France. The Socomec MODULYS GP suffers from a code injection vulnerability that stems from a lack of filters and can execute injected malicious code when accessed by a legitimate user...
PT-2023-5302 · Unknown · Modulys Gp
Name of the Vulnerable Software and Affected Versions: MODULYS GP MOD3GP-SY-120K affected versions not specified Description: The issue exists due to a lack of protection for the web page structure, allowing a remote attacker to perform cross-site scripting XSS attacks. This could enable an...
PT-2023-5300 · Unknown · Modulys Gp
Name of the Vulnerable Software and Affected Versions: MODULYS GP MOD3GP-SY-120K affected versions not specified Description: The absence of filters when loading some sections in the web application of the vulnerable device allows potential attackers to inject malicious code that will be...
PT-2023-5299 · Unknown · Modulys Gp
Name of the Vulnerable Software and Affected Versions: MODULYS GP MOD3GP-SY-120K affected versions not specified Description: The issue is related to incorrect session management within the web application, allowing attackers to steal session cookies and perform various actions on the device. Thi...
PT-2023-5298 · Unknown · Modulys Gp
Name of the Vulnerable Software and Affected Versions: MODULYS GP MOD3GP-SY-120K affected versions not specified Description: The issue is related to the lack of security in the authentication process of the web application, allowing information to be obtained by sending specific requests. This i...
CVE-2023-0356
SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information...
CVE-2023-0356
SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information...
Information disclosure
SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information...