29 matches found
EUVD-2019-9077
Malware in sbrugna...
EUVD-2019-9078
Malware in sbrugna...
EUVD-2019-9080
Malware in sbrugna...
EUVD-2019-9079
Malware in sbrugna...
CVE-2019-19457
SALTO ProAccess SPACE 5.4.3.0 allows XSS...
CVE-2019-19459
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server...
CVE-2019-19460
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...
CVE-2019-19458
SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature...
CVE-2019-19459
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server...
CVE-2019-19457
SALTO ProAccess SPACE 5.4.3.0 allows XSS...
CVE-2019-19457
SALTO ProAccess SPACE 5.4.3.0 allows XSS...
CVE-2019-19458
SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature...
CVE-2019-19458
SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature...
CVE-2019-19459
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server...
Cross site scripting
SALTO ProAccess SPACE 5.4.3.0 allows XSS...
Directory traversal
SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature...
Design/Logic Flaw
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server...
CVE-2019-19460
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...
CVE-2019-19460
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...
Design/Logic Flaw
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...