Lucene search
K

34 matches found

Positive Technologies
Positive Technologies
added 2023/03/23 12:0 a.m.7 views

PT-2023-16719 · Unknown · Koc Energy Web Report System

Name of the Vulnerable Software and Affected Versions: As Koc Energy Web Report System versions prior to 23.03.10 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. Recommendations: For...

6.1CVSS6.2AI score0.00357EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.3 views

AsKoc Energy Web Report System 跨站脚本漏洞

AsKoc Energy Web Report System is a Web site of AsKoc Inc. A security vulnerability exists in the AsKoc Energy Web Report System prior to version 23.03.10, which is a reflective cross-site scripting vulnerability that stems from an improper neutralization of input during web page generation...

6.1CVSS5.7AI score0.00357EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/03/23 12:0 a.m.8 views

PT-2023-16718 · Unknown · Koc Energy Web Report System

Name of the Vulnerable Software and Affected Versions: As Koc Energy Web Report System versions prior to 23.03.10 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

9.8CVSS9.6AI score0.0062EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/03/23 12:0 a.m.6 views

AsKoc Energy Web Report System SQL注入漏洞

AsKoc Energy Web Report System is a website of AsKoc Inc. A security vulnerability exists in AsKoc Energy Web Report System versions prior to 23.03.10 that stems from an improper neutralization of a particular element used and a SQL injection vulnerability...

9.8CVSS8.6AI score0.0062EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/12/30 7:6 a.m.2 views

CVE-2021-44160

Carinal Tien Hospital Health Report System’s login page has improper authentication, a remote attacker can acquire another general user’s privilege by modifying the cookie parameter without authentication. The attacker can then perform limited operations on the system or modify data, making the...

7.5CVSS7.2AI score0.01066EPSS
Exploits0References2
CNVD
CNVD
added 2021/12/30 12:0 a.m.12 views

Unspecified vulnerability in Carinal Tien Hospital Health Report System

Carinal Tien Hospital Health Report System 耕莘醫院健检報告查询系統 is a hospital health report query system of Keng Hsien Hospital in Taiwan, China. A security vulnerability exists in the Carinal Tien Hospital Health Report System, which can be exploited by an attacker to gain access to other users without...

7.5CVSS7.4AI score0.01066EPSS
Exploits0References1
NVD
NVD
added 2021/12/29 8:15 a.m.13 views

CVE-2021-44160

Carinal Tien Hospital Health Report System’s login page has improper authentication, a remote attacker can acquire another general user’s privilege by modifying the cookie parameter without authentication. The attacker can then perform limited operations on the system or modify data, making the...

7.5CVSS0.01066EPSS
Exploits0References1
Prion
Prion
added 2021/12/29 8:15 a.m.15 views

Authentication flaw

Carinal Tien Hospital Health Report System’s login page has improper authentication, a remote attacker can acquire another general user’s privilege by modifying the cookie parameter without authentication. The attacker can then perform limited operations on the system or modify data, making the...

7.5CVSS7.2AI score0.01066EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/12/29 7:15 a.m.13 views

CVE-2021-44160 Carinal Tien Hospital Health Report System - Authorization Bypass Through User-Controlled Key

Carinal Tien Hospital Health Report System’s login page has improper authentication, a remote attacker can acquire another general user’s privilege by modifying the cookie parameter without authentication. The attacker can then perform limited operations on the system or modify data, making the...

7.3CVSS7.4AI score0.01066EPSS
Exploits0References1
CVE
CVE
added 2021/12/29 7:15 a.m.37 views

CVE-2021-44160

The CVE refers to Carinal Tien Hospital Health Report System, whose login page authenticates improperly. A remote attacker can modify the cookie parameter to bypass authentication and gain another general user’s privileges, enabling limited system operations or data modification and making the se...

7.5CVSS7.2AI score0.01066EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/12/29 12:0 a.m.2 views

Carinal Tien Hospital Health Report System 安全漏洞

Carinal Tien Hospital Health Report System 耕莘醫院健检報告查询系統 is a hospital health report query system of Keng Hsien Hospital in Taiwan, China. A security vulnerability exists in the Carinal Tien Hospital Health Report System, which can be exploited by an attacker to gain access to other users without...

7.5CVSS5.6AI score0.01066EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/12/29 12:0 a.m.2 views

PT-2021-24054 · Unknown · Carinal Tien Hospital Health Report System

Name of the Vulnerable Software and Affected Versions: Carinal Tien Hospital Health Report System affected versions not specified Description: The system's login page has improper authentication, allowing a remote attacker to acquire another user's privilege by modifying the cookie parameter...

7.5CVSS7.1AI score0.01066EPSS
Exploits0References3
Fedora
Fedora
added 2007/11/13 12:5 a.m.51 views

[SECURITY] Fedora 7 Update: kdesdk-3.5.8-2.fc7

A collection of applications and tools used by developers, including: cervisia: a CVS frontend kbabel: PO file management kbugbuster: a tool to manage the KDE bug report system kcachegrind: a browser for data produced by profiling tools e.g. cachegr ind kompare: diff tool kuiviewer: displays...

9.3CVSS2.4AI score0.0702EPSS
Exploits1
securityvulns
securityvulns
added 2005/07/06 12:0 a.m.42 views

GNATS - gen-index

Name: GNATS - gen-index Vendor URL: http://www.gnu.org/software/gnats Author: Adam Zabrocki [email protected] Date: June 16, 2005 Issue: GNATS - the GNU problem report management system allows attacker to overwrite files with privileges suid root when compiled from sources and there isn't in system...

Exploits0
Rows per page
Query Builder