30 matches found
EUVD-2023-30551
Malicious code in bioql PyPI...
EUVD-2023-30552
Malicious code in bioql PyPI...
EUVD-2023-30555
Malicious code in bioql PyPI...
CVE-2023-26762
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an arbitrary file upload vulnerability...
CVE-2023-26758
Sme.UP TOKYO V6R1M220406 was discovered to contain an arbitrary file download vulnerabilty via the component /ResourceService...
CVE-2023-26759
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an OS command injection vulnerability via calls made to the XMService component...
CVE-2023-26762
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an arbitrary file upload vulnerability...
CVE-2023-26758
Sme.UP TOKYO V6R1M220406 was discovered to contain an arbitrary file download vulnerabilty via the component /ResourceService...
CVE-2023-26759
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an OS command injection vulnerability via calls made to the XMService component...
CVE-2023-26760
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability via the /debug endpoint. This vulnerability allows attackers to access cleartext credentials needed to authenticate to the AS400 system...
CVE-2023-26758
Sme.UP TOKYO V6R1M220406 was discovered to contain an arbitrary file download vulnerabilty via the component /ResourceService...
Privilege escalation
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an arbitrary file upload vulnerability...
Design/Logic Flaw
Sme.UP TOKYO V6R1M220406 was discovered to contain an arbitrary file download vulnerabilty via the component /ResourceService...
Information disclosure
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an information disclosure vulnerability via the /debug endpoint. This vulnerability allows attackers to access cleartext credentials needed to authenticate to the AS400 system...
Command injection
Sme.UP ERP TOKYO V6R1M220406 was discovered to contain an OS command injection vulnerability via calls made to the XMService component...
PT-2023-20785 · Unknown · Sme.Up Erp Tokyo
Name of the Vulnerable Software and Affected Versions: Sme.UP ERP TOKYO version V6R1M220406 Description: The issue is related to an arbitrary file upload vulnerability. Recommendations: For Sme.UP ERP TOKYO version V6R1M220406, at the moment, there is no information about a newer version that...
PT-2023-20781 · Unknown · Sme.Up Erp Tokyo
Name of the Vulnerable Software and Affected Versions: Sme.UP ERP TOKYO version V6R1M220406 Description: The issue is related to an OS command injection vulnerability. This vulnerability occurs via calls made to the XMService component. Recommendations: For Sme.UP ERP TOKYO version V6R1M220406, a...
CVE-2023-26758
Affected software: Sme.UP TOKYO V6R1M220406. Vulnerability: An arbitrary file download vulnerability exists in the /ResourceService component. Root cause / vector: Unspecified in detail beyond the /ResourceService path being vulnerable; affected product exposed to file download via that component...
CVE-2023-26759
The CVE-2023-26759 entry concerns Sme.UP ERP TOKYO V6R1M220406 and reports an OS command injection in the XMService component. The vulnerability affects the specified build and is described as enabling command execution without user interaction, with CVSS v3.1 metrics indicating a high-impact, ne...
CVE-2023-26762
CVE-2023-26762 affects Sme.UP ERP TOKYO V6R1M220406 and is an arbitrary file upload vulnerability. The provided data describe an external-facing issue with a CVSS v3.1 base score of 8.8 (High) and impact on confidentiality, integrity, and availability. The root cause is an arbitrary file upload f...