34 matches found
EUVD-2024-32282
Malicious code in bioql PyPI...
EUVD-2024-32281
Malicious code in bioql PyPI...
EUVD-2024-32279
Malicious code in bioql PyPI...
EUVD-2024-32280
Malicious code in bioql PyPI...
PT-2024-27237 · Espeto · Opengnsys
Name of the Vulnerable Software and Affected Versions: OpenGnsys version 1.1.1d Espeto Description: A SQL Injection issue has been discovered, allowing an attacker to inject malicious SQL code into the login page. This could enable the attacker to bypass the login or retrieve all the information...
PT-2024-41392 · Undefined · Undefined
🚨 CVE-2024-3704 SQL Injection Vulnerability has been found on OpenGnsys product affecting version 1.1.1d Espeto. This vulnerability allows an attacker to inject malicious SQL code into login page to bypass it or even retrieve all the information stored in the database. 🎖@cveNotify...
CVE-2024-3707
Information exposure vulnerability in OpenGnsys affecting version 1.1.1d Espeto. This vulnerability allows an attacker to enumerate all files in the web tree by accessing a php file...
CVE-2024-3706
Information exposure vulnerability in OpenGnsys affecting version 1.1.1d Espeto. This vulnerability allows an attacker to view a php backup file controlaccess.php-LAST where database credentials are stored...
CVE-2024-3706
Information exposure vulnerability in OpenGnsys affecting version 1.1.1d Espeto. This vulnerability allows an attacker to view a php backup file controlaccess.php-LAST where database credentials are stored...
CVE-2024-3707
Information exposure vulnerability in OpenGnsys affecting version 1.1.1d Espeto. This vulnerability allows an attacker to enumerate all files in the web tree by accessing a php file...
CVE-2024-3705
Unrestricted file upload vulnerability in OpenGnsys affecting version 1.1.1d Espeto. This vulnerability allows an attacker to send a POST request to the endpoint '/opengnsys/images/MIcons.php' modifying the file extension, due to lack of file extension verification, resulting in a webshell...
CVE-2024-3704
SQL Injection Vulnerability has been found on OpenGnsys product affecting version 1.1.1d Espeto. This vulnerability allows an attacker to inject malicious SQL code into login page to bypass it or even retrieve all the information stored in the database...
CVE-2024-3705
Unrestricted file upload vulnerability in OpenGnsys affecting version 1.1.1d Espeto. This vulnerability allows an attacker to send a POST request to the endpoint '/opengnsys/images/MIcons.php' modifying the file extension, due to lack of file extension verification, resulting in a webshell...
CVE-2024-3704
SQL Injection Vulnerability has been found on OpenGnsys product affecting version 1.1.1d Espeto. This vulnerability allows an attacker to inject malicious SQL code into login page to bypass it or even retrieve all the information stored in the database...
CVE-2024-3707 Exposure of Information Through Directory Listing vulnerability in OpenGnsys
Information exposure vulnerability in OpenGnsys affecting version 1.1.1d Espeto. This vulnerability allows an attacker to enumerate all files in the web tree by accessing a php file...
CVE-2024-3707 Exposure of Information Through Directory Listing vulnerability in OpenGnsys
Information exposure vulnerability in OpenGnsys affecting version 1.1.1d Espeto. This vulnerability allows an attacker to enumerate all files in the web tree by accessing a php file...
CVE-2024-3707
OpenGnsys version 1.1.1d (Espeto) is affected by CVE-2024-3707, an information exposure vulnerability in the web interface that allows an attacker to enumerate all files in the web tree by accessing a PHP file. The issue is described as a directory-listing / information disclosure flaw in OpenGns...
CVE-2024-3706 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in OpenGnsys
Information exposure vulnerability in OpenGnsys affecting version 1.1.1d Espeto. This vulnerability allows an attacker to view a php backup file controlaccess.php-LAST where database credentials are stored...
CVE-2024-3706 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in OpenGnsys
Information exposure vulnerability in OpenGnsys affecting version 1.1.1d Espeto. This vulnerability allows an attacker to view a php backup file controlaccess.php-LAST where database credentials are stored...
CVE-2024-3706
OpenGnsys, version 1.1.1d (Espeto), contains an information exposure vulnerability where an attacker can view the php backup file controlaccess.php-LAST, which stores database credentials. The issue is documented across multiple sources (NVD/CVE records) as a vulnerability with network-based acce...