37 matches found
EUVD-2020-8212
Malware in sbrugna...
EUVD-2020-8208
Malware in sbrugna...
EUVD-2023-58798
Malicious code in bioql PyPI...
EUVD-2024-17015
Malicious code in bioql PyPI...
GE Reason S20 Ethernet Switch Improper Neutralization of Input During Web Page Generation (CVE-2020-16246)
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site...
GE Reason S20 Ethernet Switch Improper Neutralization of Input During Web Page Generation (CVE-2020-16242)
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting XSS, which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts. This plugin only works with Tenable.ot. Please...
GE S2020/S2020G Fast Switch 61850 Improper Neutralization of Input During Web Page Generation (CVE-2019-18267)
An issue was found in GE S2020/S2020G Fast Switch 61850, S2020/S2020G Fast Switch 61850 Versions 07A03 and prior. An attacker can inject arbitrary Javascript in a specially crafted HTTP request that may be reflected back in the HTTP response. The device is also vulnerable to a stored cross-site...
CVE-2024-1254
A vulnerability, which was classified as critical, was found in Byzoro Smart S20 Management Platform up to 20231120. This affects an unknown part of the file /sysmanage/sysmanageajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. T...
CVE-2020-25056
An issue was discovered on Samsung mobile devices with Q10.0 Galaxy S20 software. Because HAL improperly checks versions, bootloading by the S.LSI NFC chipset is mishandled. The Samsung ID is SVE-2020-16169 August 2020...
CVE-2024-1254
A vulnerability, which was classified as critical, was found in Byzoro Smart S20 Management Platform up to 20231120. This affects an unknown part of the file /sysmanage/sysmanageajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. T...
CVE-2024-1254
A vulnerability, which was classified as critical, was found in Byzoro Smart S20 Management Platform up to 20231120. This affects an unknown part of the file /sysmanage/sysmanageajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. T...
Sql injection
A vulnerability, which was classified as critical, was found in Beijing Baichuo Smart S20 Management Platform up to 20231120. This affects an unknown part of the file /sysmanage/sysmanageajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...
CVE-2024-1254 Byzoro Smart S20 Management Platform sysmanageajax.php sql injection
A vulnerability, which was classified as critical, was found in Byzoro Smart S20 Management Platform up to 20231120. This affects an unknown part of the file /sysmanage/sysmanageajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. T...
CVE-2024-1254 Byzoro Smart S20 Management Platform sysmanageajax.php sql injection
A vulnerability, which was classified as critical, was found in Byzoro Smart S20 Management Platform up to 20231120. This affects an unknown part of the file /sysmanage/sysmanageajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. T...
CVE-2024-1254
Summary: CVE-2024-1254 affects Beijing Baichuo / Byzoro Smart S20 Management Platform up to 20231120. The vulnerability is in the file /sysmanage/sysmanageajax.php, where manipulation of the id parameter yields an SQL injection. Exploitation is possible remotely, and public exploits have been dis...
Beijing Baichuo Smart S20 SQL Injection Vulnerability
The Beijing Baichuo Smart S20 is an Internet Behavior Management appliance from Beijing Baichuo, China. A SQL injection vulnerability exists in Beijing Baichuo Smart S20 Management Platform version 20231120 and prior versions, which stems from an incorrect operation of the parameter id that can...
CVE-2023-6574
A vulnerability was found in Byzoro Smart S20 up to 20231120 and classified as critical. Affected by this issue is some unknown functionality of the file /sysmanage/updateos.php of the component HTTP POST Request Handler. The manipulation of the argument 1fileupload leads to unrestricted upload...
CVE-2023-6574
A vulnerability was found in Byzoro Smart S20 up to 20231120 and classified as critical. Affected by this issue is some unknown functionality of the file /sysmanage/updateos.php of the component HTTP POST Request Handler. The manipulation of the argument 1fileupload leads to unrestricted upload...
CVE-2023-6574
CVE-2023-6574 affects Byzoro Smart S20 (up to 20231120) and Beijing Baichuo Smart S20. The flaw is in the HTTP POST Request Handler, specifically the 1_file_upload argument in /sysmanage/updateos.php, whose manipulation leads to unrestricted file upload. The vulnerability allows remote exploitati...
CVE-2023-6574 Byzoro Smart S20 HTTP POST Request updateos.php unrestricted upload
A vulnerability was found in Byzoro Smart S20 up to 20231120 and classified as critical. Affected by this issue is some unknown functionality of the file /sysmanage/updateos.php of the component HTTP POST Request Handler. The manipulation of the argument 1fileupload leads to unrestricted upload...