70 matches found
CVE-2021-23233
Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication information such as the session cookie. An attacker can send requests to sensitive endpoints as an unauthenticated user to perform critical actions or modify critical configuration...
CVE-2021-23233 Fresenius Kabi Agilia Connect Infusion System
Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication information such as the session cookie. An attacker can send requests to sensitive endpoints as an unauthenticated user to perform critical actions or modify critical configuration...
CVE-2021-23233 Fresenius Kabi Agilia Connect Infusion System
Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication information such as the session cookie. An attacker can send requests to sensitive endpoints as an unauthenticated user to perform critical actions or modify critical configuration...
Fresenius Kabi Agilia Connect Infusion System Access Control Error Vulnerability
Fresenius Kabi Agilia Connect Infusion System is an infusion system from the German company Fresenius Kabi.The Fresenius Kabi Agilia Connect Infusion System is vulnerable to an access control error, which could be exploited by an attacker to act as unauthenticated user to send requests to sensiti...
Fresenius Kabi Agilia Connect Infusion System 信任管理问题漏洞
Fresenius Kabi Agilia Connect Infusion System is an infusion system from the German company Fresenius Kabi.The Fresenius Kabi Agilia Connect Infusion System is vulnerable to an access control error, which could be exploited by an attacker to act as unauthenticated user to send requests to sensiti...
Cross-Site Request Forgery (CSRF)
bagisto/bagisto is vulnerable to cross-site request forgery CSRF. The vulnerability exists as sensitive admin endpoints were allowed to use the GET method instead of POST...
Teracue ENC-400 - Command Injection / Missing Authentication
Introduction ============ Multiple vulnerabilities were identified within the Teracue ENC-400, including pre-authenticated remote code authentication. While the vendor has released updated firmware after these issues were identified, they are not all resolved with the latest version of the...
Teracue ENC-400 - Command Injection Missing Authentication
Teracue ENC-400 - Command Injection Missing Authentication Introduction ============ Multiple vulnerabilities were identified within the Teracue ENC-400, including pre-authenticated remote code authentication. While the vendor has released updated firmware after these issues were identified, they...
Teracue ENC-400 Command Injection / Missing Authentication Vulnerabilities
Teracue ENC-400 suffers from hard-coded credential, missing authentication, and command injection vulnerabilities. Teracue ENC-400 Command Injection / Missing Authentication Vulnerabilities Introduction ============ Multiple vulnerabilities were identified within the Teracue ENC-400, including...
Online Trade 1 Information Disclosure
Exploit Title: Online Trade 1 - Information Disclosure Exploit Author: Dhamotharan Date: 2018-07-17 Vendor Homepage: https://codecanyon.net/item/online-trade-online-forex-and-cryptocurrency-investment-system/21987193?srank=14 CVE : CVE-2018-14328 Version: 1 Tested on: Kali Linux Description :...