Lucene search
K

321 matches found

Cvelist
Cvelist
added 2023/03/21 12:0 a.m.40 views

CVE-2023-24709

An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters...

7.5AI score0.44171EPSS
Exploits9References3
CVE
CVE
added 2023/03/21 12:0 a.m.72 views

CVE-2023-24709

Paradox Security Systems IPR512 contains a Denial of Service vulnerability (CVE-2023-24709) in the web panel due to handling of login.html and login.xml parameters. Attackers can crash the login page, as demonstrated by PoC/exploit material tied to the IPR512, with no publicly documented fix in t...

7.5CVSS7.2AI score0.44171EPSS
Exploits9References3Affected Software1
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/02/16 5:0 p.m.19 views

Cybersecurity health and how to stay ahead of attackers with Linda Grasso

The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Linda Grasso, the...

6.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/02/16 5:0 p.m.29 views

Cybersecurity health and how to stay ahead of attackers with Linda Grasso

The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Linda Grasso, the...

6.8AI score
Exploits0
CNNVD
CNNVD
added 2023/02/08 12:0 a.m.6 views

Bosch Security Systems B420 安全漏洞

Bosch Security Systems B420 is an Ethernet communication module from Bosch Security Systems, USA. A security vulnerability exists in Bosch Security Systems B420 version 02.02.0001. An attacker who exploits this vulnerability could gain access to their device by being on the same network as a...

8.8CVSS8AI score0.00425EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2023/01/26 12:13 p.m.63 views

Exploit for Code Injection in Paradox Ipr512_Firmware

Injection vulnerability in Paradox Security Systems IPR512 - C...

7.5CVSS7.8AI score0.44171EPSS
Exploits9
GithubExploit
GithubExploit
added 2023/01/26 12:13 p.m.146 views

Exploit for Code Injection in Paradox Ipr512_Firmware

Injection vulnerability in Paradox Security Systems IPR512 - C...

7.5CVSS7.8AI score0.44171EPSS
Exploits9
GithubExploit
GithubExploit
added 2023/01/26 12:13 p.m.189 views

Exploit for Code Injection in Paradox Ipr512_Firmware

Injection vulnerability in Paradox Security Systems IPR512 - C...

7.5CVSS7.8AI score0.44171EPSS
Exploits9
Openbugbounty
Openbugbounty
added 2023/01/07 6:52 p.m.15 views

fabuloushaircosmetics.nl Cross Site Scripting vulnerability OBB-3132240

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Prion
Prion
added 2022/09/13 10:15 p.m.21 views

Code injection

Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables...

4.3CVSS7.7AI score0.00311EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/09/13 10:15 p.m.21 views

Arbitrary file deletion

An arbitrary file download vulnerability in the downloadAction function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request...

4CVSS6.4AI score0.00398EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/09/13 10:0 p.m.51 views

CVE-2022-31322

The CVE-2022-31322 entry affects Penta Security Systems’ WAPPLES, specifically version 6.0 r3 with 4.10-hotfix1. The vulnerability allows privilege escalation by overwriting files using SUID-enabled executables. Root cause and affected component: SUID flagged executables enabling local privilege ...

7.8CVSS7.7AI score0.00311EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/13 10:0 p.m.34 views

CVE-2022-31322

Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables...

8AI score0.00311EPSS
Exploits0References2
CVE
CVE
added 2022/09/13 10:0 p.m.55 views

CVE-2022-31324

CVE-2022-31324 (WAPPLES) : A vulnerability in Penta Security Systems Inc WAPPLES (version 6.0 r3 4.10-hotfix1) within the downloadAction() function allows an attacker to download arbitrary files via a crafted POST request. This is stated across multiple sources (NVD, Red Hat advisory, CVE lists) ...

6.5CVSS6.4AI score0.00398EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/13 10:0 p.m.36 views

CVE-2022-31324

An arbitrary file download vulnerability in the downloadAction function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request...

6.6AI score0.00398EPSS
Exploits0References2
CVE
CVE
added 2022/09/13 10:0 p.m.56 views

CVE-2022-35582

CVE-2022-35582 pertains to Penta Security WAPPLES (versions 4.0., 5.0.0. , 5.0.12.*) with an Incorrect Access Control flaw: the OS includes a built-in non-privileged user named ‘penta’ with a predefined password, whose existence and credentials are not documented. This enables potential unauthori...

8.8CVSS8.8AI score0.00744EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/09/13 12:0 a.m.4 views

Penta Security Systems WAPPLES 信任管理问题漏洞

Penta Security Systems WAPPLES is a logical Web application firewall from Penta Security Systems, India. A security vulnerability exists in Penta Security Systems WAPPLES v6.0 r3 version 4.10-hotfix1, which originated from a vulnerability that allows an attacker to elevate privileges by overwriti...

7.8CVSS7.4AI score0.00311EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/13 12:0 a.m.4 views

Penta Security Systems WAPPLES 安全漏洞

Penta Security Systems WAPPLES is a logical Web application firewall from Penta Security Systems, India. A security vulnerability in Penta Security Systems WAPPLES v6.0 r3 version 4.10-hotfix1, which originates from an arbitrary file download vulnerability in the downloadAction function, allows a...

6.5CVSS6.7AI score0.00398EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/09/13 12:0 a.m.8 views

PT-2022-20686 · Penta Security Systems Inc · Wapples

Name of the Vulnerable Software and Affected Versions: Penta Security Systems Inc WAPPLES version 6.0 r3 4.10-hotfix1 Description: The issue allows attackers to escalate privileges via overwriting files using SUID flagged executables. Recommendations: For Penta Security Systems Inc WAPPLES versio...

7.8CVSS7.8AI score0.00311EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2022/07/21 12:0 a.m.335 views

Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) Remote Root

SpaceLogic.ps1 Schneider Electric SpaceLogic C-Bus Home Controller 5200WHC2 Remote Root Exploit Vendor: Schneider Electric SE Product web page: https://www.se.com https://www.se.com/ww/en/product/5200WHC2/home-controller-spacelogic-cbus-cbus-ip-free-standing-24v-dc/...

0.2AI score0.71084EPSS
Exploits6
Rows per page
Query Builder