31 matches found
CVE-2024-8778 The SYSCOM Group OMFLOW - Arbitrary File Read
OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality, allowing remote attackers with regular privileges to read arbitrary system files...
CVE-2024-8777 The SYSCOM Group OMFLOW - Information Leakage
OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized remote attackers to read arbitrary system configurations. If LDAP authentication is enabled, attackers can obtain plaintext credentials...
CVE-2024-8777
CVE-2024-8777 concerns OMFLOW from The SYSCOM Group, where an information leakage vulnerability could allow unauthorized remote attackers to read arbitrary system configurations. The issue may be exposed via network access with low attack complexity and no privileges required, with the impact on ...
CVE-2024-8777 The SYSCOM Group OMFLOW - Information Leakage
OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized remote attackers to read arbitrary system configurations. If LDAP authentication is enabled, attackers can obtain plaintext credentials...
SYSCOM OMFLOW 信息泄露漏洞
SYSCOM OMFLOW is an information maintenance management system of SYSCOM China. An information disclosure vulnerability exists in SYSCOM OMFLOW versions 1.1.6.0 through 1.2.1.2, which stems from the presence of an information disclosure vulnerability that could allow an unauthorized, remote attack...
SYSCOM OMFLOW 信息泄露漏洞
SYSCOM OMFLOW is an information maintenance management system from SYSCOM China. An information disclosure vulnerability exists in SYSCOM OMFLOW versions 1.1.6.0 through 1.2.1.2, which stems from not properly limiting the query scope of its data query function, allowing a remote attacker with...
SYSCOM OMFLOW 安全漏洞
SYSCOM OMFLOW is an information maintenance management system from SYSCOM China. A security vulnerability exists in SYSCOM OMFLOW versions 1.1.6.0 through 1.2.1.2, which originates from user input that is not properly validated for the download function, allowing remote attackers with regular...
SYSCOM OMFLOW 安全漏洞
SYSCOM OMFLOW is an information maintenance management system of the Chinese company SYSCOM. A security vulnerability exists in SYSCOM OMFLOW versions 1.1.6.0 through 1.2.1.2, which originates from improperly restricting access to the system settings modification feature, allowing remote attacker...
PT-2024-39245 · Syscom · Omflow
Name of the Vulnerable Software and Affected Versions: OMFLOW from The SYSCOM Group affected versions not specified Description: The issue allows remote attackers with regular privileges to update system settings or create accounts with administrator privileges, thereby gaining control of the...
PT-2024-39244 · Syscom · Omflow
Name of the Vulnerable Software and Affected Versions: OMFLOW from The SYSCOM Group affected versions not specified Description: The issue is related to the download functionality in OMFLOW, which does not properly validate user input. This allows remote attackers with regular privileges to read...
PT-2024-39246 · Syscom · Omflow
Name of the Vulnerable Software and Affected Versions: OMFLOW from The SYSCOM Group affected versions not specified Description: The issue is related to the data query functionality in OMFLOW, which does not properly restrict the query range. This allows remote attackers with regular privileges t...