32 matches found
EUVD-2022-38961
Malicious code in bioql PyPI...
EUVD-2022-38965
Malicious code in bioql PyPI...
EUVD-2022-38967
Malicious code in bioql PyPI...
EUVD-2022-38968
Malicious code in bioql PyPI...
EUVD-2022-38962
Malicious code in bioql PyPI...
CVE-2022-36247
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za...
CVE-2022-36244
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting XSS vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za...
CVE-2022-36250
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Cross Site Request Forgery CSRF...
CVE-2022-36243
Shop Beat Solutions pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Directory Traversal via server.shopbeat.co.za. Information Exposure Through Directory Listing vulnerability in "studio" software of Shop Beat. This issue affects: Shop Beat studio studio versions prior to 3.2....
CVE-2022-36249
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass 2FA via APIs. For Controlpanel Lite. "After login we are directly able to use the bearer token or jsession ID to access the apis instead of entering the 2FA code. Thus, leading to bypass of 2FA on API...
Code injection
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Insecure Permissions...
Code injection
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za...
Directory traversal
Shop Beat Solutions pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Directory Traversal via server.shopbeat.co.za. Information Exposure Through Directory Listing vulnerability in "studio" software of Shop Beat. This issue affects: Shop Beat studio studio versions prior to 3.2....
Cross site scripting
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting XSS vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za...
Cross site request forgery (csrf)
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Cross Site Request Forgery CSRF...
CVE-2022-36247 Shop Beat Services Vulnerable To IDOR
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za...
CVE-2022-36249
Shop Beat Media Player v2.5.95–v3.2.57 is affected by a vulnerability that allows bypassing secondary authentication (2FA) at the API level. After login, an attacker can use a bearer token or jsession ID to access APIs without entering the 2FA code, specifically impacting Controlpanel Lite. Root ...
CVE-2022-36246 Shop Beat Services Vulnerable To Insecure Permissions
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Insecure Permissions...
CVE-2022-36243 Directory Traversal on Shop Beat Services
Shop Beat Solutions pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Directory Traversal via server.shopbeat.co.za. Information Exposure Through Directory Listing vulnerability in "studio" software of Shop Beat. This issue affects: Shop Beat studio studio versions prior to 3.2....
CVE-2022-36246
CVE-2022-36246 affects Shop Beat Media Player versions 2.5.95 through 3.2.57. The issue is an insecure permissions vulnerability in the product, with high impact on confidentiality, integrity, and availability (CVSS 3.1: 9.8, Network attack, no user interaction). Root cause and technical exploit ...