Lucene search
K

101 matches found

Positive Technologies
Positive Technologies
added 2023/12/17 12:0 a.m.3 views

PT-2023-31338 · Softlab · Softlab Integrate Google Drive

Name of the Vulnerable Software and Affected Versions: SoftLab Integrate Google Drive versions 1.3.4 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

8.8CVSS8.7AI score0.00259EPSS
Exploits0References7
OSV
OSV
added 2023/12/07 1:15 p.m.4 views

CVE-2023-47548

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed, Play,...

6.1CVSS6.8AI score0.0039EPSS
Exploits0References1
NVD
NVD
added 2023/12/07 1:15 p.m.30 views

CVE-2023-47548

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed, Play,...

6.1CVSS0.0039EPSS
Exploits0References1
Prion
Prion
added 2023/12/07 1:15 p.m.19 views

Open redirect

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed, Play,...

5.8CVSS7.1AI score0.0039EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/07 12:15 p.m.62 views

CVE-2023-47548

CVE-2023-47548 is an Open Redirect vulnerability in the WordPress plugin “Integrate Google Drive” (SoftLab Integrate Google Drive). Affected versions are up to and including 1.3.2; the issue allows unauthenticated exploitation via unvalidated redirect URLs. The vulnerability has been fixed in ver...

6.1CVSS7AI score0.0039EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/17 12:0 a.m.6 views

PT-2023-23625 · Softlab · Softlab Integrate Google Drive

Name of the Vulnerable Software and Affected Versions: SoftLab Integrate Google Drive versions n/a through 1.1.99 Description: The issue is related to a Missing Authorization vulnerability in SoftLab Integrate Google Drive, allowing exploitation of incorrectly configured access control security...

9.8CVSS8.6AI score0.06399EPSS
Exploits0References11
CNVD
CNVD
added 2021/04/19 12:0 a.m.20 views

DMA Softlab Radius Manager Unauthorized Access Vulnerability

DMA Softlab Radius Manager is an application from DMA Softlab Inc. An easy-to-use management system for Mikrotik, Cisco, StarOS, Chillispot, DD-WRT, pfSense NAS devices and DOCSIS CMTS. An unauthorized access vulnerability exists in DMA Softlab Radius Manager version 4.4.0 that stems from a cooki...

9.8CVSS6.8AI score0.03205EPSS
Exploits3References1
CNVD
CNVD
added 2021/04/19 12:0 a.m.12 views

DMA Softlab Radius Manager Cross-Site Scripting Vulnerability

DMA Softlab Radius Manager is an application from DMA Softlab Inc. An easy-to-use management system for Mikrotik, Cisco, StarOS, Chillispot, DD-WRT, pfSense NAS devices and DOCSIS CMTS. A cross-site scripting vulnerability exists in DMA Softlab Radius Manager version 4.4.0, which originates from...

6.1CVSS5.9AI score0.01392EPSS
Exploits3References1
NVD
NVD
added 2021/04/07 3:15 a.m.39 views

CVE-2021-30147

DMA Softlab Radius Manager 4.4.0 allows CSRF with impacts such as adding new manager accounts via admin.php...

8.8CVSS0.0352EPSS
Exploits4References3
Prion
Prion
added 2021/04/07 3:15 a.m.13 views

Cross site request forgery (csrf)

DMA Softlab Radius Manager 4.4.0 allows CSRF with impacts such as adding new manager accounts via admin.php...

6.8CVSS8.7AI score0.0352EPSS
Exploits4References3Affected Software1
UbuntuCve
UbuntuCve
added 2021/04/07 3:15 a.m.25 views

CVE-2021-30147

DMA Softlab Radius Manager 4.4.0 allows CSRF with impacts such as adding new manager accounts via admin.php...

8.8CVSS7.2AI score0.0352EPSS
Exploits4References3
Cvelist
Cvelist
added 2021/04/07 2:2 a.m.47 views

CVE-2021-30147

DMA Softlab Radius Manager 4.4.0 allows CSRF with impacts such as adding new manager accounts via admin.php...

9AI score0.0352EPSS
Exploits4References3
CVE
CVE
added 2021/04/07 2:2 a.m.132 views

CVE-2021-30147

DMA Softlab Radius Manager 4.4.0 is vulnerable to Cross-Site Request Forgery (CSRF), which can allow an attacker to add new manager accounts via admin.php. The issue is documented in multiple sources (e.g., CVE-2021-30147 entries and related CSRF disclosures). Affected component is the Radius Man...

8.8CVSS8.7AI score0.0352EPSS
Exploits4References3Affected Software1
CNNVD
CNNVD
added 2021/04/06 12:0 a.m.4 views

DMA Softlab DMA Radius Manager 跨站请求伪造漏洞

DMA Softlab DMA Radius Manager is an application from DMA Softlab Inc. Easy-to-use management system for Mikrotik, Cisco, StarOS, Chillispot, DD-WRT, pfSense NAS devices and DOCSIS CMTS. A cross-site request forgery vulnerability exists in DMA Softlab Radius Manager 4.4.0 that allows adding a new...

8.8CVSS7.7AI score0.0352EPSS
Exploits4References6
NVD
NVD
added 2021/04/02 1:15 p.m.11 views

CVE-2021-29012

DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The cookie is valid when the admin is logged in, but is invalid temporarily during times when the admin is logged out. In other words, the cookie is functionally equivalent to a static password, and thus...

9.8CVSS0.03205EPSS
Exploits3References3
Prion
Prion
added 2021/04/02 1:15 p.m.10 views

Cross site scripting

DMA Softlab Radius Manager 4.4.0 is affected by Cross Site Scripting XSS via the description, name, or address field under admin.php...

4.3CVSS6AI score0.01392EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2021/04/02 12:53 p.m.17 views

CVE-2021-29011

DMA Softlab Radius Manager 4.4.0 is affected by Cross Site Scripting XSS via the description, name, or address field under admin.php...

6.2AI score0.01392EPSS
Exploits3References3
CVE
CVE
added 2021/04/02 12:53 p.m.78 views

CVE-2021-29011

CVE-2021-29011 affects DMA Softlab Radius Manager 4.4.0 and is described as a Cross Site Scripting (XSS) vulnerability exploitable via the description, name, or address fields under admin.php. The connected documents corroborate an XSS issue with this version; CVSS metrics in the primary entry sh...

6.1CVSS7.3AI score0.01392EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2021/04/02 12:51 p.m.16 views

CVE-2021-29012

DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The cookie is valid when the admin is logged in, but is invalid temporarily during times when the admin is logged out. In other words, the cookie is functionally equivalent to a static password, and thus...

9.6AI score0.03205EPSS
Exploits3References3
CVE
CVE
added 2021/04/02 12:51 p.m.61 views

CVE-2021-29012

DMA Softlab Radius Manager 4.4.0 suffers a session-management flaw where the same admin session cookie is issued to all admin sessions. The cookie remains valid while logged in but is temporarily invalid when logged out, effectively acting as a static password and enabling permanent access if sto...

9.8CVSS9.3AI score0.03205EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder