Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-27695

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00954EPSS
Exploits1References3
Prion
Prion
added 2023/01/15 7:15 a.m.17 views

Format string

BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A single-line file might contain credentials, such as "machine example.com login daniel password qwerty" in the documentation example for the .netrc file format. NOTE: 2.x versions are no longer supported...

5CVSS7.4AI score0.00954EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/01/15 12:0 a.m.25 views

CVE-2023-23595

BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A single-line file might contain credentials, such as "machine example.com login daniel password qwerty" in the documentation example for the .netrc file format. NOTE: 2.x versions are no longer supported...

7.6AI score0.00954EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/01/15 12:0 a.m.5 views

BlueCat Networks Device Registration Portal 代码问题漏洞

BlueCat Networks Device Registration Portal is a standalone application from BlueCat Networks, Inc. for auditing and tracking all devices attempting to connect to the network. A security vulnerability exists in BlueCat Networks Device Registration Portal version 2.2 that stems from an XXE attack...

7.5CVSS7.4AI score0.00954EPSS
Exploits1References4
CVE
CVE
added 2023/01/15 12:0 a.m.64 views

CVE-2023-23595

CVE-2023-23595 affects BlueCat Device Registration Portal (DRP) 2.2. The issue is an XXE vulnerability that can exfiltrate single-line files (for example, a line that could contain credentials in a .netrc-like format). Public details consistently describe the vulnerable component as the DRP and c...

7.5CVSS7.3AI score0.00954EPSS
Exploits1References3Affected Software1
Hacker One
Hacker One
added 2021/08/15 8:24 a.m.11 views

MTN Group: There is no rate limit for SME REGISTRATION PORTAL

Summary: The speed limit for the https://mtngbissau.com/registo/ endpoint has not been implemented. Steps To Reproduce: 1. Go to the https://mtngbissau.com/registo/ 2. fill out the Registration form 3. Send request to Intruder. 4. Set your payloads and start attack. 5. There is no rate-limit...

0.6AI score
Exploits0
ThreatPost
ThreatPost
added 2016/05/04 1:34 p.m.9 views

Identity Thieves Used Leaked PII to Steal ADP Payroll Info

Cybercriminals accessed a W-2 portal maintained by payroll company ADP recently to glean sensitive information about employees at a handful of companies. The company is stressing that the company itself wasn’t hacked, but that it appears identity thieves may have been able to create ADP accounts ...

0.4AI score
Exploits0References3
Rows per page
Query Builder