32 matches found
EUVD-2022-38965
Malicious code in bioql PyPI...
EUVD-2022-38967
Malicious code in bioql PyPI...
EUVD-2022-38962
Malicious code in bioql PyPI...
EUVD-2022-38968
Malicious code in bioql PyPI...
EUVD-2022-38961
Malicious code in bioql PyPI...
CVE-2022-36247
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za...
CVE-2022-36250
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Cross Site Request Forgery CSRF...
CVE-2022-36243
Shop Beat Solutions pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Directory Traversal via server.shopbeat.co.za. Information Exposure Through Directory Listing vulnerability in "studio" software of Shop Beat. This issue affects: Shop Beat studio studio versions prior to 3.2....
CVE-2022-36249
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass 2FA via APIs. For Controlpanel Lite. "After login we are directly able to use the bearer token or jsession ID to access the apis instead of entering the 2FA code. Thus, leading to bypass of 2FA on API...
CVE-2022-36244
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting XSS vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za...
Code injection
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za...
Code injection
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Insecure Permissions...
Directory traversal
Shop Beat Solutions pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Directory Traversal via server.shopbeat.co.za. Information Exposure Through Directory Listing vulnerability in "studio" software of Shop Beat. This issue affects: Shop Beat studio studio versions prior to 3.2....
Cross site scripting
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting XSS vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za...
Cross site request forgery (csrf)
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Cross Site Request Forgery CSRF...
CVE-2022-36247 Shop Beat Services Vulnerable To IDOR
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za...
CVE-2022-36250 Cross Site Request Forgery on Shop Beat Services
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Cross Site Request Forgery CSRF...
CVE-2022-36247 Shop Beat Services Vulnerable To IDOR
Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to IDOR via controlpanel.shopbeat.co.za...
CVE-2022-36249
Shop Beat Media Player v2.5.95–v3.2.57 is affected by a vulnerability that allows bypassing secondary authentication (2FA) at the API level. After login, an attacker can use a bearer token or jsession ID to access APIs without entering the 2FA code, specifically impacting Controlpanel Lite. Root ...
CVE-2022-36243
CVE-2022-36243 affects Shop Beat Media Player (versions 2.5.95–3.2.57) and Shop Beat Studio (versions prior to 3.2.57) on ARM. The issue is a Directory Traversal via the server.shopbeat.co.za endpoint, leading to Information Exposure Through Directory Listing. Exploitation status is not detailed ...