Lucene search
K

59 matches found

cvelist
cvelist
added 2022/06/01 11:34 a.m.17 views

CVE-2022-26972

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /cgi-bin endpoint. The URL parameters are not correctly sanitized, leading to reflected XSS...

6.5AI score0.00525EPSS
Exploits0References2
cve
cve
added 2022/06/01 11:34 a.m.62 views

CVE-2022-26972

Barco Control Room Management Suite (TransForm N) web application is affected up to version 3.14. The vulnerability stems from unsanitized URL parameters on the /cgi-bin endpoint, enabling reflected cross-site scripting (XSS). Multiple connected sources corroborate the issue and scope, without de...

6.1CVSS6.2AI score0.00525EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2022/06/01 11:34 a.m.30 views

CVE-2022-26971

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. This upload can be executed without authentication...

5.7AI score0.00674EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2022/06/01 12:0 a.m.4 views

PT-2022-18149 · Barco · Transform N +1

Name of the Vulnerable Software and Affected Versions: Barco Control Room Management Suite web application, which is part of TransForm N versions prior to 3.14 Description: The issue concerns the exposure of a license file upload mechanism in the web application without requiring authentication...

5.3CVSS5.3AI score0.00674EPSS
Exploits0References4
nvd
nvd
added 2021/01/08 6:15 p.m.38 views

CVE-2020-17503

The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in splitcardcmd.php in which the http parameter "lockin...

7.2CVSS7.5AI score0.02848EPSS
Exploits0References3
nvd
nvd
added 2021/01/08 6:15 p.m.28 views

CVE-2020-17502

Barco TransForm N before 3.8 allows Command Injection issue 2 of 4. The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users of the administration panel to perform authenticated remote code execution. An...

7.2CVSS7.7AI score0.02848EPSS
Exploits0References3
nvd
nvd
added 2021/01/08 6:15 p.m.70 views

CVE-2020-17504

The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http parameters...

7.2CVSS7.5AI score0.02848EPSS
Exploits0References3
osv
osv
added 2021/01/08 6:15 p.m.4 views

CVE-2020-17503

The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in splitcardcmd.php in which the http parameter "lockin...

7.2CVSS7.3AI score0.02848EPSS
Exploits0References3
osv
osv
added 2021/01/08 6:15 p.m.2 views

CVE-2020-17504

The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http parameters...

7.2CVSS6.1AI score0.02848EPSS
Exploits0References3
prion
prion
added 2021/01/08 6:15 p.m.12 views

Command injection

Barco TransForm N before 3.8 allows Command Injection issue 2 of 4. The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users of the administration panel to perform authenticated remote code execution. An...

6.5CVSS7.6AI score0.02848EPSS
Exploits0References3Affected Software1
prion
prion
added 2021/01/08 6:15 p.m.15 views

Command injection

The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http parameters...

6.5CVSS7.5AI score0.02848EPSS
Exploits0References3Affected Software1
prion
prion
added 2021/01/08 6:15 p.m.15 views

Command injection

The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in splitcardcmd.php in which the http parameter "lockin...

6.5CVSS7.5AI score0.02848EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2021/01/08 5:19 p.m.25 views

CVE-2020-17504

The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http parameters...

7.5AI score0.02848EPSS
Exploits0References3
cve
cve
added 2021/01/08 5:19 p.m.38 views

CVE-2020-17504

The CVE-2020-17504 issue affects Barco TransForm N solution’s NDN-210 device, where the web administration panel exposes a command injection vulnerability in ngpsystemcmd.php. Improper handling of the HTTP parameters x_modules and y_modules enables authenticated users to perform authenticated rem...

7.2CVSS7.5AI score0.02848EPSS
Exploits0References3Affected Software1
cve
cve
added 2021/01/08 5:17 p.m.58 views

CVE-2020-17503

CVE-2020-17503 affects Barco NDN-210 (TransForm N) via a command injection in split_card_cmd.php. The vulnerability allows authenticated users to perform remote code execution over the web admin panel due to improper handling of the http parameter "locking". Affected product is Barco TransForm N;...

7.2CVSS7.5AI score0.02848EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2021/01/08 5:17 p.m.36 views

CVE-2020-17503

The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in splitcardcmd.php in which the http parameter "lockin...

7.5AI score0.02848EPSS
Exploits0References3
cve
cve
added 2021/01/08 5:15 p.m.48 views

CVE-2020-17502

CVE-2020-17502 affects Barco TransForm NDN-210 Web administration panel (Barco TransForm N) before version 3.8. A command injection vulnerability exists in split_card_cmd.php where HTTP parameters xmodules, ymodules and savelocking are not properly handled, enabling authenticated users to perform...

7.2CVSS7.7AI score0.02848EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2021/01/08 5:15 p.m.40 views

CVE-2020-17502

Barco TransForm N before 3.8 allows Command Injection issue 2 of 4. The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users of the administration panel to perform authenticated remote code execution. An...

7.7AI score0.02848EPSS
Exploits0References3
cvelist
cvelist
added 2021/01/07 8:51 p.m.23 views

CVE-2020-17500

Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection issue 1 of 4. The NDN-210 has a web administration panel which is made available over https. The logon method is basic authentication. There is a command injection issue that will result i...

10AI score0.03938EPSS
Exploits0References3
Rows per page
Query Builder