Lucene search
+L

70 matches found

osv
osv
added 2022/01/21 7:15 p.m.5 views

CVE-2021-23233

Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication information such as the session cookie. An attacker can send requests to sensitive endpoints as an unauthenticated user to perform critical actions or modify critical configuration...

9.8CVSS5.8AI score0.00945EPSS
Exploits0References1
cvelist
cvelist
added 2022/01/21 6:17 p.m.22 views

CVE-2021-23233 Fresenius Kabi Agilia Connect Infusion System

Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication information such as the session cookie. An attacker can send requests to sensitive endpoints as an unauthenticated user to perform critical actions or modify critical configuration...

7.3CVSS9.7AI score0.00945EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2022/01/21 6:17 p.m.4 views

CVE-2021-23233 Fresenius Kabi Agilia Connect Infusion System

Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication information such as the session cookie. An attacker can send requests to sensitive endpoints as an unauthenticated user to perform critical actions or modify critical configuration...

7.3CVSS9.6AI score0.00945EPSS
Exploits0References1
cnvd
cnvd
added 2021/12/23 12:0 a.m.33 views

Fresenius Kabi Agilia Connect Infusion System Access Control Error Vulnerability

Fresenius Kabi Agilia Connect Infusion System is an infusion system from the German company Fresenius Kabi.The Fresenius Kabi Agilia Connect Infusion System is vulnerable to an access control error, which could be exploited by an attacker to act as unauthenticated user to send requests to sensiti...

9.8CVSS4.2AI score0.00945EPSS
Exploits0References1
cnnvd
cnnvd
added 2021/12/21 12:0 a.m.4 views

Fresenius Kabi Agilia Connect Infusion System 信任管理问题漏洞

Fresenius Kabi Agilia Connect Infusion System is an infusion system from the German company Fresenius Kabi.The Fresenius Kabi Agilia Connect Infusion System is vulnerable to an access control error, which could be exploited by an attacker to act as unauthenticated user to send requests to sensiti...

9.8CVSS5.6AI score0.00945EPSS
Exploits0References5
veracode
veracode
added 2019/08/13 3:10 a.m.18 views

Cross-Site Request Forgery (CSRF)

bagisto/bagisto is vulnerable to cross-site request forgery CSRF. The vulnerability exists as sensitive admin endpoints were allowed to use the GET method instead of POST...

8.8CVSS3.3AI score0.00603EPSS
Exploits1References3Affected Software1
exploitdb
exploitdb
added 2019/02/22 12:0 a.m.73 views

Teracue ENC-400 - Command Injection / Missing Authentication

Introduction ============ Multiple vulnerabilities were identified within the Teracue ENC-400, including pre-authenticated remote code authentication. While the vendor has released updated firmware after these issues were identified, they are not all resolved with the latest version of the...

10CVSS7.8AI score0.15362EPSS
Exploits5
exploitpack
exploitpack
added 2019/02/22 12:0 a.m.78 views

Teracue ENC-400 - Command Injection Missing Authentication

Teracue ENC-400 - Command Injection Missing Authentication Introduction ============ Multiple vulnerabilities were identified within the Teracue ENC-400, including pre-authenticated remote code authentication. While the vendor has released updated firmware after these issues were identified, they...

10CVSS0.5AI score0.15362EPSS
Exploits5
zdt
zdt
added 2019/02/21 12:0 a.m.60 views

Teracue ENC-400 Command Injection / Missing Authentication Vulnerabilities

Teracue ENC-400 suffers from hard-coded credential, missing authentication, and command injection vulnerabilities. Teracue ENC-400 Command Injection / Missing Authentication Vulnerabilities Introduction ============ Multiple vulnerabilities were identified within the Teracue ENC-400, including...

0.4AI score0.15362EPSS
Exploits5
packetstorm
packetstorm
added 2018/07/27 12:0 a.m.48 views

Online Trade 1 Information Disclosure

Exploit Title: Online Trade 1 - Information Disclosure Exploit Author: Dhamotharan Date: 2018-07-17 Vendor Homepage: https://codecanyon.net/item/online-trade-online-forex-and-cryptocurrency-investment-system/21987193?srank=14 CVE : CVE-2018-14328 Version: 1 Tested on: Kali Linux Description :...

9.7AI score0.10662EPSS
Exploits5
Rows per page
Query Builder