18 matches found
EUVD-2023-34262
Malicious code in bioql PyPI...
EUVD-2025-6250
Malicious code in bioql PyPI...
EUVD-2025-6243
Malicious code in bioql PyPI...
CVE-2025-1887
SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to obtain NTLMv2-SSP Hash by changing any of the paths to a UNC path pointing to a server controlled by the attacker...
CVE-2025-1886
Pass-Back vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to discover stored SMTP credentials...
CVE-2025-1887
SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to obtain NTLMv2-SSP Hash by changing any of the paths to a UNC path pointing to a server controlled by the attacker...
CVE-2025-1886
Pass-Back vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to discover stored SMTP credentials...
CVE-2025-1887 SMB forced authentication vulnerability in Sage 200 Spain
SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to obtain NTLMv2-SSP Hash by changing any of the paths to a UNC path pointing to a server controlled by the attacker...
CVE-2025-1887 SMB forced authentication vulnerability in Sage 200 Spain
SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to obtain NTLMv2-SSP Hash by changing any of the paths to a UNC path pointing to a server controlled by the attacker...
CVE-2025-1887
CVE-2025-1887 concerns an SMB forced authentication vulnerability in Sage 200 Spain, affected in versions prior to 2025.35.000. An authenticated attacker with administrator privileges can obtain an NTLMv2-SSP hash by redirecting a UNC path to a server under the attacker’s control. The root cause ...
CVE-2025-1886
CVE-2025-1886 describes a Pass-Back vulnerability in Sage 200 Spain, affecting versions prior to 2025.35.000. An authenticated user with administrator privileges can disclose stored SMTP credentials, indicating a confidentiality impact. The issue is documented across multiple sources (NVD, Red Ha...
CVE-2025-1886 Pass-Back vulnerability in Sage 200 Spain
Pass-Back vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to discover stored SMTP credentials...
CVE-2025-1886 Pass-Back vulnerability in Sage 200 Spain
Pass-Back vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to discover stored SMTP credentials...
CVE-2023-2809
Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation of which could allow a remote attacker to extract SQL database credentials from the DLL application. This vulnerability could be linked to known techniques to obtain remote execution of MS SQL command...
CVE-2023-2809
Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation of which could allow a remote attacker to extract SQL database credentials from the DLL application. This vulnerability could be linked to known techniques to obtain remote execution of MS SQL command...
Sql injection
Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation of which could allow a remote attacker to extract SQL database credentials from the DLL application. This vulnerability could be linked to known techniques to obtain remote execution of MS SQL command...
CVE-2023-2809
Affected software: Sage 200 Spain (Sage 200 Spain), version 2023.38.001. Vulnerability: plaintext credential usage within the DLL application, enabling a remote attacker to extract SQL database credentials. Root cause/impact: credentials stored in plaintext could lead to exposure of SQL credentia...
CVE-2023-2809 Use of Cleartext credentials in Sage 200 Spain
Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation of which could allow a remote attacker to extract SQL database credentials from the DLL application. This vulnerability could be linked to known techniques to obtain remote execution of MS SQL command...