15 matches found
EUVD-2024-32370
Malicious code in bioql PyPI...
EUVD-2024-32371
Malicious code in bioql PyPI...
CVE-2024-3799
Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reach...
CVE-2024-3799
Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reach...
CVE-2024-3798
Insecure handling of GET header parameter file included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reache...
CVE-2024-3798
Insecure handling of GET header parameter file included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reache...
CVE-2024-3799 Shell command injection in Phoniebox
Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reach...
CVE-2024-3799 Shell command injection in Phoniebox
Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reach...
CVE-2024-3799
CVE-2024-3799 describes an insecure handling of POST header body in Phoniebox that allows an attacker to craft a webpage which, when visited by a user, causes the user’s browser to send malicious requests to hosts on the local network, potentially triggering shell command execution on the vulnera...
CVE-2024-3798 Insecure handling of GET argument in Phoniebox
Insecure handling of GET header parameter file included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reache...
CVE-2024-3798
CVE-2024-3798 concerns Phoniebox where insecure handling of a GET header parameter file in requests can trigger a website to cause malicious requests to hosts on the local network. The underlying flaw is improper processing of the header parameter, enabling a payload that may lead to shell comman...
CVE-2024-3798 Insecure handling of GET argument in Phoniebox
Insecure handling of GET header parameter file included in requests being sent to an instance of the open-source project Phoniebox allows an attacker to create a website, which – when visited by a user – will send malicious requests to multiple hosts on the local network. If such a request reache...
Phoniebox Security Breach
Phoniebox is a contactless jukebox for the Raspberry Pi by the individual developer Micz Flor. A security vulnerability exists in Phoniebox version 2.7 and earlier, which stems from insecure handling of the GET header parameter file contained in requests, and is vulnerable to shell command...
PT-2024-27871 · Phoniebox · Phoniebox
Name of the Vulnerable Software and Affected Versions: Phoniebox versions prior to 3.0 Description: The issue is related to insecure handling of the body parameter in POST header requests sent to an instance of the Phoniebox open-source project. This allows an attacker to create a website that,...
Phoniebox Security Breach
Phoniebox is a contactless jukebox for the Raspberry Pi by the individual developer Micz Flor. A security vulnerability exists in Phoniebox version 2.7 and earlier, which stems from the insecure handling of the body of the POST header parameter contained in a request and is vulnerable to shell...