140 matches found
CVE-2021-35951
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows an Unauthenticated Remote attacker to send a malicious firmware update via BLE and brick the device...
CVE-2021-35954
fastrack Reflex 2.0 W307SREFLEXv90.89 Activity Tracker allows physically proximate attackers to dump the firmware, flash custom malicious firmware, and brick the device via the Serial Wire Debug SWD feature...
CVE-2021-35952
The vulnerability CVE-2021-35952 affects fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker. The issue stems from Bluetooth LE Characteristics on handle 0x0017, allowing a remote attacker to modify the device’s time, date, and month. Impact is a time/date manipulation capability with a CVSS...
PT-2022-10480 · Unknown · Fastrack Reflex 2.0
Name of the Vulnerable Software and Affected Versions: fastrack Reflex 2.0 W307S REFLEX v90.89 Activity Tracker Description: The issue allows a remote attacker to cause a Denial of Service, resulting in a device outage. This can be achieved via crafted choices of the last three bytes of a...
automotoecolereflex.fr Cross Site Scripting vulnerability OBB-2870799
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
reflex-winkelmann.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1163108 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
WordPress reflex-gallery plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. reflex-gallery is a responsive photo gallery plugin used in it. A cross-site scripting vulnerability exists in the WordPress...
CVE-2013-7482
The reflex-gallery plugin before 1.4.3 for WordPress has XSS...
Cross site scripting
The reflex-gallery plugin before 1.4.3 for WordPress has XSS...
CVE-2013-7482
The reflex-gallery plugin before 1.4.3 for WordPress has XSS...
CVE-2013-7482
The CVE-2013-7482 entry concerns the Reflex Gallery WordPress plugin, with the affected component being the reflex-gallery plugin for WordPress. Multiple connected sources confirm a cross-site scripting (XSS) vulnerability present in versions prior to 1.4.3. The Red Hat entry and CNVD/CVE records...
WordPress ReFlex Gallery 3.1.3 File Upload
File upload in WordPress ReFlex Gallery plugin php.php Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...
Reflex Latino - BSD license, Customized SSL, LGPL license vulnerabilities
HackApp vulnerability scanner discovered that application Reflex Latino published at the 'play' market has multiple vulnerabilities...
Threat Outbreak Alert RuleID20196: Email Messages Distributing Malicious Software on December 20, 2015
Medium Alert ID: 42796 First Published: 2015 December 21 15:25 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID20196 may contain the following files: Name |...
CVE-2015-4133
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in uploads/...
CVE-2015-4133
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in uploads/...
CVE-2015-4133
CVE-2015-4133 concerns the ReFlex Gallery WordPress plugin (affected version: before 3.1.4). The issue is an unrestricted file upload in admin/scripts/FileUploader/php.php, allowing an attacker to upload a PHP file and access it via uploads/ to execute arbitrary code remotely. The root cause is i...
WordPress ReFlex Gallery Plugin <= 3.1.3 - Unrestricted File Upload
This vulnerability is in admin/scripts/FileUploader/php.php. It allows an attacker to execute arbitrary PHP code by uploading a file with a PHP extension. And then an attacker can access it via a direct request to the file in uploads/ directory. Solution Update the plugin...
WordPress ReFlex Gallery Plugin <= 1.4.2 - Unspecified XSS
Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update plugin...
WordPress ReFlex Gallery Plugin <= 1.3 - Shell Upload
This plugin is prone to a shell upload vulnerability. Solution Update plugin...