17 matches found
EUVD-2023-37931
Malicious code in bioql PyPI...
CVE-2023-33780
A stored cross-site scripting XSS vulnerability in TFDi Design smartCARS 3 v0.7.0 and below allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the body of news article...
CVE-2023-28441
smartCARS 3 is flight tracking software. In version 0.5.8 and prior, all persons who have failed login attempts will have their password stored in error logs. This problem doesn't occur in version 0.5.9. As a workaround, delete the affected log file, and ensure one logs in correctly...
CVE-2023-33780
A stored cross-site scripting XSS vulnerability in TFDi Design smartCARS 3 v0.7.0 and below allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the body of news article...
CVE-2023-33780
A stored cross-site scripting XSS vulnerability in TFDi Design smartCARS 3 v0.7.0 and below allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the body of news article...
CVE-2023-33780
A stored cross-site scripting XSS vulnerability in TFDi Design smartCARS 3 v0.7.0 and below allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the body of news article...
Invernyx smartCARS 跨站脚本漏洞
Invernyx smartCARS is an application from Invernyx Corporation. A security vulnerability exists in Invernyx smartCARS 3 prior to v0.7.0 that originated from a vulnerability that allows an attacker to execute arbitrary web script or HTML by injecting a crafted payload into the body of a news artic...
CVE-2023-33780
CVE-2023-33780 affects TFDi Design smartCARS 3, versions up to 0.7.0. The vulnerability is a stored XSS that allows an attacker to inject arbitrary scripts/HTML into the body of a news article, with impact primarily on confidentiality and integrity (CVSS v3.1: 5.4, MEDIUM). The underlying issue i...
CVE-2023-33780
A stored cross-site scripting XSS vulnerability in TFDi Design smartCARS 3 v0.7.0 and below allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the body of news article...
CVE-2023-28441
smartCARS 3 is flight tracking software. In version 0.5.8 and prior, all persons who have failed login attempts will have their password stored in error logs. This problem doesn't occur in version 0.5.9. As a workaround, delete the affected log file, and ensure one logs in correctly...
Design/Logic Flaw
smartCARS 3 is flight tracking software. In version 0.5.8 and prior, all persons who have failed login attempts will have their password stored in error logs. This problem doesn't occur in version 0.5.9. As a workaround, delete the affected log file, and ensure one logs in correctly...
CVE-2023-28441 smartCARS 3 Password Stored as plain text in Error Log
smartCARS 3 is flight tracking software. In version 0.5.8 and prior, all persons who have failed login attempts will have their password stored in error logs. This problem doesn't occur in version 0.5.9. As a workaround, delete the affected log file, and ensure one logs in correctly...
CVE-2023-28441 smartCARS 3 Password Stored as plain text in Error Log
smartCARS 3 is flight tracking software. In version 0.5.8 and prior, all persons who have failed login attempts will have their password stored in error logs. This problem doesn't occur in version 0.5.9. As a workaround, delete the affected log file, and ensure one logs in correctly...
CVE-2023-28441 smartCARS 3 Password Stored as plain text in Error Log
smartCARS 3 is flight tracking software. In version 0.5.8 and prior, all persons who have failed login attempts will have their password stored in error logs. This problem doesn't occur in version 0.5.9. As a workaround, delete the affected log file, and ensure one logs in correctly...
CVE-2023-28441
CVE-2023-28441 affects smartCARS 3 (versions 0.5.8 and earlier). The root issue is that failed login attempts cause passwords to be stored in error logs. This vulnerability is not present in version 0.5.9. A practical workaround is to delete the affected log file and ensure login is performed cor...
smartCARS 日志信息泄露漏洞
Invernyx smartCARS is an application from Invernyx Corporation. A log information disclosure vulnerability exists in smartCARS version 0.5.8 and earlier, which stems from the fact that all failed login attempts store their passwords in an error log...
PT-2023-21724 · Unknown · Smartcars 3
Name of the Vulnerable Software and Affected Versions: smartCARS 3 versions 0.5.8 and prior Description: The issue affects smartCARS 3, a flight tracking software. In the affected versions, failed login attempts result in passwords being stored in error logs. This does not occur in version 0.5.9...