Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CNVD
CNVDadded 2019/06/04 12:0 a.m.1 views

SAET Impianti Speciali TEBE Small WebApp Path Traversal Vulnerability

SAET Impianti Speciali TEBE Small is a physical access control system from the Italian company SAET. webApp is one of the web-based management programs. A path traversal vulnerability exists in WebApp version v04.68 in SAET Impianti Speciali TEBE Small 05.01 build 1137, which can be exploited by ...

9.8CVSS6.7AI score0.01655EPSS
Exploits1References1
NVD
NVDadded 2019/05/31 10:29 p.m.8 views

CVE-2019-9106

The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to execute or include local .php files, as demonstrated by menu=php://filter/convert.base64-encode/resource=index.php to read index.php...

9.8CVSS9.3AI score0.01655EPSS
Exploits1References2
NVD
NVDadded 2019/05/31 10:29 p.m.11 views

CVE-2019-9105

The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to make several types of API calls without authentication, as demonstrated by retrieving password hashes via an inc/utils/RESTAPI.php?command=CallAPI&customurl=alladminusers...

7.5CVSS7.7AI score0.00516EPSS
Exploits1References2
Prion
Prionadded 2019/05/31 10:29 p.m.7 views

Authentication flaw

The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to make several types of API calls without authentication, as demonstrated by retrieving password hashes via an inc/utils/RESTAPI.php?command=CallAPI&customurl=alladminusers...

5CVSS7.7AI score0.00516EPSS
Exploits1References2Affected Software2
Cvelist
Cvelistadded 2019/05/31 9:22 p.m.10 views

CVE-2019-9106

The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to execute or include local .php files, as demonstrated by menu=php://filter/convert.base64-encode/resource=index.php to read index.php...

9.3AI score0.01655EPSS
Exploits1References2
CVE
CVEadded 2019/05/31 9:21 p.m.254 views

CVE-2019-9105

The CVE-2019-9105 entry concerns WebApp v04.68 on SAET Impianti Speciali TEBE Small 05.01 build 1137 shown as vulnerable to unauthenticated API calls, demonstrated by returning password hashes via inc/utils/REST_API.php?command=CallAPI&customurl=alladminusers. Connected documents corroborate an a...

7.5CVSS7.6AI score0.00516EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2019/05/31 9:21 p.m.12 views

CVE-2019-9105

The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Small 05.01 build 1137 devices allows remote attackers to make several types of API calls without authentication, as demonstrated by retrieving password hashes via an inc/utils/RESTAPI.php?command=CallAPI&customurl=alladminusers...

7.7AI score0.00516EPSS
Exploits1References2
Rows per page
Query Builder