15 matches found
EUVD-2024-32370
Malicious code in bioql PyPI...
EUVD-2024-32371
Malicious code in bioql PyPI...
CVE-2024-3799
Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reach...
CVE-2024-3799
Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reach...
CVE-2024-3798
Insecure handling of GET header parameter file included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reache...
CVE-2024-3798
Insecure handling of GET header parameter file included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reache...
CVE-2024-3799 Shell command injection in Phoniebox
Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reach...
CVE-2024-3799
CVE-2024-3799 describes an insecure handling of POST header body in Phoniebox that allows an attacker to craft a webpage which, when visited by a user, causes the user’s browser to send malicious requests to hosts on the local network, potentially triggering shell command execution on the vulnera...
CVE-2024-3799 Shell command injection in Phoniebox
Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reach...
CVE-2024-3798 Insecure handling of GET argument in Phoniebox
Insecure handling of GET header parameter file included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reache...
CVE-2024-3798 Insecure handling of GET argument in Phoniebox
Insecure handling of GET header parameter file included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reache...
CVE-2024-3798
CVE-2024-3798 concerns Phoniebox where insecure handling of a GET header parameter file in requests can trigger a website to cause malicious requests to hosts on the local network. The underlying flaw is improper processing of the header parameter, enabling a payload that may lead to shell comman...
PT-2024-27871 · Phoniebox · Phoniebox
Name of the Vulnerable Software and Affected Versions: Phoniebox versions prior to 3.0 Description: The issue is related to insecure handling of the body parameter in POST header requests sent to an instance of the Phoniebox open-source project. This allows an attacker to create a website that,...
Phoniebox Security Breach
Phoniebox is a contactless jukebox for the Raspberry Pi by the individual developer Micz Flor. A security vulnerability exists in Phoniebox version 2.7 and earlier, which stems from insecure handling of the GET header parameter file contained in requests, and is vulnerable to shell command...
Phoniebox Security Breach
Phoniebox is a contactless jukebox for the Raspberry Pi by the individual developer Micz Flor. A security vulnerability exists in Phoniebox version 2.7 and earlier, which stems from the insecure handling of the body of the POST header parameter contained in a request and is vulnerable to shell...