6 matches found
PT-2025-49142
Name of the Vulnerable Software and Affected Versions SolisCloud API affected versions not specified Description The SolisCloud API has a Broken Access Control issue, specifically an Insecure Direct Object Reference IDOR. An authenticated user can access detailed data for any plant by modifying t...
EUVD-2025-11010
Malicious code in bioql PyPI...
CVE-2025-31949
An authenticated attacker can obtain any plant name by knowing the plant ID...
CVE-2025-31949
An authenticated attacker can obtain any plant name by knowing the plant ID...
CVE-2025-31949
Growatt Cloud Applications (Growatt Cloud portal) is affected by CVE-2025-31949. An authenticated attacker can obtain arbitrary plant names by supplying a plant ID, indicating an access/validation weakness in the plant-name retrieval mechanism. Public details confirm vulnerable versions include 3...
PT-2025-16393
Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description An authenticated attacker can obtain any plant name by knowing the plant ID. Recommendations At the moment, there is no information about a newer version that contains a fix for this...