10 matches found
EUVD-2023-31327
Malicious code in bioql PyPI...
CVE-2023-27583
PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key PanIndex is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, on...
CVE-2023-27583
PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key PanIndex is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, on...
Hardcoded credentials
PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key PanIndex is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, on...
CVE-2023-27583 Panindex uses hard coded cyptographic key
PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key PanIndex is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, on...
CVE-2023-27583
CVE-2023-27583 affects PanIndex prior to version 3.1.3, where a hard-coded JWT signing key named “PanIndex” enables an attacker to forge tokens and perform admin actions. The issue is mitigated by upgrading to 3.1.3, which ships a patch. As a temporary workaround, the source code can be modified ...
CVE-2023-27583 Panindex uses hard coded cyptographic key
PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key PanIndex is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, on...
CVE-2023-27583 Panindex uses hard coded cyptographic key
PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key PanIndex is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, on...
PT-2023-21226 · Panindex · Panindex
Name of the Vulnerable Software and Affected Versions: PanIndex versions prior to 3.1.3 Description: The issue concerns a hard-coded JWT key PanIndex used in PanIndex. This allows an attacker to sign a JWT token and perform actions with admin privileges. Recommendations: For versions prior to...
PanIndex 信任管理问题漏洞
PanIndex is a directory index for netbooks. A security vulnerability exists in PanIndex versions prior to 3.1.3. An attacker exploited the vulnerability to sign a JWT token using a hard-coded JWT key and perform any action as a user with administrator privileges...